From 6ab5302fa5637c0eeb2e87934783d59a5247d3fc Mon Sep 17 00:00:00 2001 From: JeongHeumChoi Date: Thu, 29 Aug 2024 21:45:30 +0900 Subject: [PATCH 01/11] =?UTF-8?q?Feat:=20=ED=94=84=EB=A1=9C=EC=A0=9D?= =?UTF-8?q?=ED=8A=B8=20=EA=B8=B0=EB=B3=B8=20=EC=84=A4=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitignore | 236 +++++++++++++++++ build.gradle | 62 +++++ gradle/wrapper/gradle-wrapper.jar | Bin 0 -> 43453 bytes gradle/wrapper/gradle-wrapper.properties | 7 + gradlew | 249 ++++++++++++++++++ gradlew.bat | 92 +++++++ settings.gradle | 1 + .../ChocoExpressApplication.java | 13 + src/main/resources/application.yml | 13 + .../ChocoExpressApplicationTests.java | 13 + 10 files changed, 686 insertions(+) create mode 100644 .gitignore create mode 100644 build.gradle create mode 100644 gradle/wrapper/gradle-wrapper.jar create mode 100644 gradle/wrapper/gradle-wrapper.properties create mode 100755 gradlew create mode 100644 gradlew.bat create mode 100644 settings.gradle create mode 100644 src/main/java/dgu/choco_express/ChocoExpressApplication.java create mode 100644 src/main/resources/application.yml create mode 100644 src/test/java/dgu/choco_express/ChocoExpressApplicationTests.java diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b20a810 --- /dev/null +++ b/.gitignore @@ -0,0 +1,236 @@ +# Created by https://www.toptal.com/developers/gitignore/api/java,macos,intellij,gradle,windows +# Edit at https://www.toptal.com/developers/gitignore?templates=java,macos,intellij,gradle,windows + +### Intellij ### +# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio, WebStorm and Rider +# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839 + +# Credentials +src/main/resources/application-prod.yml +src/main/resources/application-local.yml + +.idea +HELP.md + +# User-specific stuff +.idea/**/workspace.xml +.idea/**/tasks.xml +.idea/**/usage.statistics.xml +.idea/**/dictionaries +.idea/**/shelf + +# AWS User-specific +.idea/**/aws.xml + +# Generated files +.idea/**/contentModel.xml + +# Sensitive or high-churn files +.idea/**/dataSources/ +.idea/**/dataSources.ids +.idea/**/dataSources.local.xml +.idea/**/sqlDataSources.xml +.idea/**/dynamic.xml +.idea/**/uiDesigner.xml +.idea/**/dbnavigator.xml + +# Gradle +.idea/**/gradle.xml +.idea/**/libraries + +# Gradle and Maven with auto-import +# When using Gradle or Maven with auto-import, you should exclude module files, +# since they will be recreated, and may cause churn. Uncomment if using +# auto-import. +# .idea/artifacts +# .idea/compiler.xml +# .idea/jarRepositories.xml +# .idea/modules.xml +# .idea/*.iml +# .idea/modules +# *.iml +# *.ipr + +# CMake +cmake-build-*/ + +# Mongo Explorer plugin +.idea/**/mongoSettings.xml + +# File-based project format +*.iws + +# IntelliJ +out/ + +# mpeltonen/sbt-idea plugin +.idea_modules/ + +# JIRA plugin +atlassian-ide-plugin.xml + +# Cursive Clojure plugin +.idea/replstate.xml + +# SonarLint plugin +.idea/sonarlint/ + +# Crashlytics plugin (for Android Studio and IntelliJ) +com_crashlytics_export_strings.xml +crashlytics.properties +crashlytics-build.properties +fabric.properties + +# Editor-based Rest Client +.idea/httpRequests + +# Android studio 3.1+ serialized cache file +.idea/caches/build_file_checksums.ser + +### Intellij Patch ### +# Comment Reason: https://github.com/joeblau/gitignore.io/issues/186#issuecomment-215987721 + +# *.iml +# modules.xml +# .idea/misc.xml +# *.ipr + +# Sonarlint plugin +# https://plugins.jetbrains.com/plugin/7973-sonarlint +.idea/**/sonarlint/ + +# SonarQube Plugin +# https://plugins.jetbrains.com/plugin/7238-sonarqube-community-plugin +.idea/**/sonarIssues.xml + +# Markdown Navigator plugin +# https://plugins.jetbrains.com/plugin/7896-markdown-navigator-enhanced +.idea/**/markdown-navigator.xml +.idea/**/markdown-navigator-enh.xml +.idea/**/markdown-navigator/ + +# Cache file creation bug +# See https://youtrack.jetbrains.com/issue/JBR-2257 +.idea/$CACHE_FILE$ + +# CodeStream plugin +# https://plugins.jetbrains.com/plugin/12206-codestream +.idea/codestream.xml + +# Azure Toolkit for IntelliJ plugin +# https://plugins.jetbrains.com/plugin/8053-azure-toolkit-for-intellij +.idea/**/azureSettings.xml + +### Java ### +# Compiled class file +*.class + +# Log file +*.log + +# BlueJ files +*.ctxt + +# Mobile Tools for Java (J2ME) +.mtj.tmp/ + +# Package Files # +*.jar +*.war +*.nar +*.ear +*.zip +*.tar.gz +*.rar + +# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml +hs_err_pid* +replay_pid* + +### macOS ### +# General +.DS_Store +.AppleDouble +.LSOverride + +# Icon must end with two \r +Icon + + +# Thumbnails +._* + +# Files that might appear in the root of a volume +.DocumentRevisions-V100 +.fseventsd +.Spotlight-V100 +.TemporaryItems +.Trashes +.VolumeIcon.icns +.com.apple.timemachine.donotpresent + +# Directories potentially created on remote AFP share +.AppleDB +.AppleDesktop +Network Trash Folder +Temporary Items +.apdisk + +### macOS Patch ### +# iCloud generated files +*.icloud + +### Windows ### +# Windows thumbnail cache files +Thumbs.db +Thumbs.db:encryptable +ehthumbs.db +ehthumbs_vista.db + +# Dump file +*.stackdump + +# Folder config file +[Dd]esktop.ini + +# Recycle Bin used on file shares +$RECYCLE.BIN/ + +# Windows Installer files +*.cab +*.msi +*.msix +*.msm +*.msp + +# Windows shortcuts +*.lnk + +### Gradle ### +.gradle +**/build/ +!src/**/build/ + +# Ignore Gradle GUI config +gradle-app.setting + +# Avoid ignoring Gradle wrapper jar file (.jar files are usually ignored) +!gradle-wrapper.jar + +# Avoid ignore Gradle wrappper properties +!gradle-wrapper.properties + +# Cache of project +.gradletasknamecache + +# Eclipse Gradle plugin generated files +# Eclipse Core +.project +# JDT-specific (Eclipse Java Development Tools) +.classpath + +### Gradle Patch ### +# Java heap dump +*.hprof + +# End of https://www.toptal.com/developers/gitignore/api/java,macos,intellij,gradle,windows diff --git a/build.gradle b/build.gradle new file mode 100644 index 0000000..0b37c0b --- /dev/null +++ b/build.gradle @@ -0,0 +1,62 @@ +plugins { + id 'java' + id 'org.springframework.boot' version '3.3.3' + id 'io.spring.dependency-management' version '1.1.6' +} + +group = 'dgu' +version = '0.0.1-SNAPSHOT' + +java { + toolchain { + languageVersion = JavaLanguageVersion.of(17) + } +} + +repositories { + mavenCentral() +} + +dependencies { + //database + implementation 'org.springframework.boot:spring-boot-starter-data-jdbc' + implementation 'org.springframework.boot:spring-boot-starter-data-jpa' + runtimeOnly 'com.mysql:mysql-connector-j' + + // redis + implementation 'org.springframework.boot:spring-boot-starter-data-redis' + + // spring security + implementation 'org.springframework.boot:spring-boot-starter-security' + testImplementation 'org.springframework.security:spring-security-test' + implementation 'org.springframework.boot:spring-boot-starter-oauth2-client' + + // spring boot + implementation 'org.springframework.boot:spring-boot-starter-web' + testImplementation 'org.springframework.boot:spring-boot-starter-test' + developmentOnly 'org.springframework.boot:spring-boot-devtools' + compileOnly 'org.projectlombok:lombok' + annotationProcessor 'org.projectlombok:lombok' + implementation 'org.springframework.boot:spring-boot-starter-validation' + + // jwt + implementation 'jakarta.xml.bind:jakarta.xml.bind-api:4.0.0' + implementation 'io.jsonwebtoken:jjwt-api:0.11.5' + runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.11.5' + runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.11.5' + + //json + implementation 'net.minidev:json-smart:2.4.7' +} + +task copyGitSubmodule(type: Copy) { + copy { + from './skeep-properties' + include '*.yml' + into './src/main/resources' + } +} + +tasks.named('test') { + useJUnitPlatform() +} diff --git a/gradle/wrapper/gradle-wrapper.jar b/gradle/wrapper/gradle-wrapper.jar new file mode 100644 index 0000000000000000000000000000000000000000..e6441136f3d4ba8a0da8d277868979cfbc8ad796 GIT binary patch literal 43453 zcma&N1CXTcmMvW9vTb(Rwr$&4wr$(C?dmSu>@vG-+vuvg^_??!{yS%8zW-#zn-LkA z5&1^$^{lnmUON?}LBF8_K|(?T0Ra(xUH{($5eN!MR#ZihR#HxkUPe+_R8Cn`RRs(P z_^*#_XlXmGv7!4;*Y%p4nw?{bNp@UZHv1?Um8r6)Fei3p@ClJn0ECfg1hkeuUU@Or zDaPa;U3fE=3L}DooL;8f;P0ipPt0Z~9P0)lbStMS)ag54=uL9ia-Lm3nh|@(Y?B`; zx_#arJIpXH!U{fbCbI^17}6Ri*H<>OLR%c|^mh8+)*h~K8Z!9)DPf zR2h?lbDZQ`p9P;&DQ4F0sur@TMa!Y}S8irn(%d-gi0*WxxCSk*A?3lGh=gcYN?FGl z7D=Js!i~0=u3rox^eO3i@$0=n{K1lPNU zwmfjRVmLOCRfe=seV&P*1Iq=^i`502keY8Uy-WNPwVNNtJFx?IwAyRPZo2Wo1+S(xF37LJZ~%i)kpFQ3Fw=mXfd@>%+)RpYQLnr}B~~zoof(JVm^^&f zxKV^+3D3$A1G;qh4gPVjhrC8e(VYUHv#dy^)(RoUFM?o%W-EHxufuWf(l*@-l+7vt z=l`qmR56K~F|v<^Pd*p~1_y^P0P^aPC##d8+HqX4IR1gu+7w#~TBFphJxF)T$2WEa zxa?H&6=Qe7d(#tha?_1uQys2KtHQ{)Qco)qwGjrdNL7thd^G5i8Os)CHqc>iOidS} z%nFEDdm=GXBw=yXe1W-ShHHFb?Cc70+$W~z_+}nAoHFYI1MV1wZegw*0y^tC*s%3h zhD3tN8b=Gv&rj}!SUM6|ajSPp*58KR7MPpI{oAJCtY~JECm)*m_x>AZEu>DFgUcby z1Qaw8lU4jZpQ_$;*7RME+gq1KySGG#Wql>aL~k9tLrSO()LWn*q&YxHEuzmwd1?aAtI zBJ>P=&$=l1efe1CDU;`Fd+_;&wI07?V0aAIgc(!{a z0Jg6Y=inXc3^n!U0Atk`iCFIQooHqcWhO(qrieUOW8X(x?(RD}iYDLMjSwffH2~tB z)oDgNBLB^AJBM1M^c5HdRx6fBfka`(LD-qrlh5jqH~);#nw|iyp)()xVYak3;Ybik z0j`(+69aK*B>)e_p%=wu8XC&9e{AO4c~O1U`5X9}?0mrd*m$_EUek{R?DNSh(=br# z#Q61gBzEpmy`$pA*6!87 zSDD+=@fTY7<4A?GLqpA?Pb2z$pbCc4B4zL{BeZ?F-8`s$?>*lXXtn*NC61>|*w7J* z$?!iB{6R-0=KFmyp1nnEmLsA-H0a6l+1uaH^g%c(p{iT&YFrbQ$&PRb8Up#X3@Zsk zD^^&LK~111%cqlP%!_gFNa^dTYT?rhkGl}5=fL{a`UViaXWI$k-UcHJwmaH1s=S$4 z%4)PdWJX;hh5UoK?6aWoyLxX&NhNRqKam7tcOkLh{%j3K^4Mgx1@i|Pi&}<^5>hs5 zm8?uOS>%)NzT(%PjVPGa?X%`N2TQCKbeH2l;cTnHiHppPSJ<7y-yEIiC!P*ikl&!B z%+?>VttCOQM@ShFguHVjxX^?mHX^hSaO_;pnyh^v9EumqSZTi+#f&_Vaija0Q-e*| z7ulQj6Fs*bbmsWp{`auM04gGwsYYdNNZcg|ph0OgD>7O}Asn7^Z=eI>`$2*v78;sj-}oMoEj&@)9+ycEOo92xSyY344^ z11Hb8^kdOvbf^GNAK++bYioknrpdN>+u8R?JxG=!2Kd9r=YWCOJYXYuM0cOq^FhEd zBg2puKy__7VT3-r*dG4c62Wgxi52EMCQ`bKgf*#*ou(D4-ZN$+mg&7$u!! z-^+Z%;-3IDwqZ|K=ah85OLwkO zKxNBh+4QHh)u9D?MFtpbl)us}9+V!D%w9jfAMYEb>%$A;u)rrI zuBudh;5PN}_6J_}l55P3l_)&RMlH{m!)ai-i$g)&*M`eN$XQMw{v^r@-125^RRCF0 z^2>|DxhQw(mtNEI2Kj(;KblC7x=JlK$@78`O~>V!`|1Lm-^JR$-5pUANAnb(5}B}JGjBsliK4& zk6y(;$e&h)lh2)L=bvZKbvh@>vLlreBdH8No2>$#%_Wp1U0N7Ank!6$dFSi#xzh|( zRi{Uw%-4W!{IXZ)fWx@XX6;&(m_F%c6~X8hx=BN1&q}*( zoaNjWabE{oUPb!Bt$eyd#$5j9rItB-h*5JiNi(v^e|XKAj*8(k<5-2$&ZBR5fF|JA z9&m4fbzNQnAU}r8ab>fFV%J0z5awe#UZ|bz?Ur)U9bCIKWEzi2%A+5CLqh?}K4JHi z4vtM;+uPsVz{Lfr;78W78gC;z*yTch~4YkLr&m-7%-xc ztw6Mh2d>_iO*$Rd8(-Cr1_V8EO1f*^@wRoSozS) zy1UoC@pruAaC8Z_7~_w4Q6n*&B0AjOmMWa;sIav&gu z|J5&|{=a@vR!~k-OjKEgPFCzcJ>#A1uL&7xTDn;{XBdeM}V=l3B8fE1--DHjSaxoSjNKEM9|U9#m2<3>n{Iuo`r3UZp;>GkT2YBNAh|b z^jTq-hJp(ebZh#Lk8hVBP%qXwv-@vbvoREX$TqRGTgEi$%_F9tZES@z8Bx}$#5eeG zk^UsLBH{bc2VBW)*EdS({yw=?qmevwi?BL6*=12k9zM5gJv1>y#ML4!)iiPzVaH9% zgSImetD@dam~e>{LvVh!phhzpW+iFvWpGT#CVE5TQ40n%F|p(sP5mXxna+Ev7PDwA zamaV4m*^~*xV+&p;W749xhb_X=$|LD;FHuB&JL5?*Y2-oIT(wYY2;73<^#46S~Gx| z^cez%V7x$81}UWqS13Gz80379Rj;6~WdiXWOSsdmzY39L;Hg3MH43o*y8ibNBBH`(av4|u;YPq%{R;IuYow<+GEsf@R?=@tT@!}?#>zIIn0CoyV!hq3mw zHj>OOjfJM3F{RG#6ujzo?y32m^tgSXf@v=J$ELdJ+=5j|=F-~hP$G&}tDZsZE?5rX ztGj`!S>)CFmdkccxM9eGIcGnS2AfK#gXwj%esuIBNJQP1WV~b~+D7PJTmWGTSDrR` zEAu4B8l>NPuhsk5a`rReSya2nfV1EK01+G!x8aBdTs3Io$u5!6n6KX%uv@DxAp3F@{4UYg4SWJtQ-W~0MDb|j-$lwVn znAm*Pl!?Ps&3wO=R115RWKb*JKoexo*)uhhHBncEDMSVa_PyA>k{Zm2(wMQ(5NM3# z)jkza|GoWEQo4^s*wE(gHz?Xsg4`}HUAcs42cM1-qq_=+=!Gk^y710j=66(cSWqUe zklbm8+zB_syQv5A2rj!Vbw8;|$@C!vfNmNV!yJIWDQ>{+2x zKjuFX`~~HKG~^6h5FntRpnnHt=D&rq0>IJ9#F0eM)Y-)GpRjiN7gkA8wvnG#K=q{q z9dBn8_~wm4J<3J_vl|9H{7q6u2A!cW{bp#r*-f{gOV^e=8S{nc1DxMHFwuM$;aVI^ zz6A*}m8N-&x8;aunp1w7_vtB*pa+OYBw=TMc6QK=mbA-|Cf* zvyh8D4LRJImooUaSb7t*fVfih<97Gf@VE0|z>NcBwBQze);Rh!k3K_sfunToZY;f2 z^HmC4KjHRVg+eKYj;PRN^|E0>Gj_zagfRbrki68I^#~6-HaHg3BUW%+clM1xQEdPYt_g<2K+z!$>*$9nQ>; zf9Bei{?zY^-e{q_*|W#2rJG`2fy@{%6u0i_VEWTq$*(ZN37|8lFFFt)nCG({r!q#9 z5VK_kkSJ3?zOH)OezMT{!YkCuSSn!K#-Rhl$uUM(bq*jY? zi1xbMVthJ`E>d>(f3)~fozjg^@eheMF6<)I`oeJYx4*+M&%c9VArn(OM-wp%M<-`x z7sLP1&3^%Nld9Dhm@$3f2}87!quhI@nwd@3~fZl_3LYW-B?Ia>ui`ELg z&Qfe!7m6ze=mZ`Ia9$z|ARSw|IdMpooY4YiPN8K z4B(ts3p%2i(Td=tgEHX z0UQ_>URBtG+-?0E;E7Ld^dyZ;jjw0}XZ(}-QzC6+NN=40oDb2^v!L1g9xRvE#@IBR zO!b-2N7wVfLV;mhEaXQ9XAU+>=XVA6f&T4Z-@AX!leJ8obP^P^wP0aICND?~w&NykJ#54x3_@r7IDMdRNy4Hh;h*!u(Ol(#0bJdwEo$5437-UBjQ+j=Ic>Q2z` zJNDf0yO6@mr6y1#n3)s(W|$iE_i8r@Gd@!DWDqZ7J&~gAm1#~maIGJ1sls^gxL9LLG_NhU!pTGty!TbhzQnu)I*S^54U6Yu%ZeCg`R>Q zhBv$n5j0v%O_j{QYWG!R9W?5_b&67KB$t}&e2LdMvd(PxN6Ir!H4>PNlerpBL>Zvyy!yw z-SOo8caEpDt(}|gKPBd$qND5#a5nju^O>V&;f890?yEOfkSG^HQVmEbM3Ugzu+UtH zC(INPDdraBN?P%kE;*Ae%Wto&sgw(crfZ#Qy(<4nk;S|hD3j{IQRI6Yq|f^basLY; z-HB&Je%Gg}Jt@={_C{L$!RM;$$|iD6vu#3w?v?*;&()uB|I-XqEKqZPS!reW9JkLewLb!70T7n`i!gNtb1%vN- zySZj{8-1>6E%H&=V}LM#xmt`J3XQoaD|@XygXjdZ1+P77-=;=eYpoEQ01B@L*a(uW zrZeZz?HJsw_4g0vhUgkg@VF8<-X$B8pOqCuWAl28uB|@r`19DTUQQsb^pfqB6QtiT z*`_UZ`fT}vtUY#%sq2{rchyfu*pCg;uec2$-$N_xgjZcoumE5vSI{+s@iLWoz^Mf; zuI8kDP{!XY6OP~q5}%1&L}CtfH^N<3o4L@J@zg1-mt{9L`s^z$Vgb|mr{@WiwAqKg zp#t-lhrU>F8o0s1q_9y`gQNf~Vb!F%70f}$>i7o4ho$`uciNf=xgJ>&!gSt0g;M>*x4-`U)ysFW&Vs^Vk6m%?iuWU+o&m(2Jm26Y(3%TL; zA7T)BP{WS!&xmxNw%J=$MPfn(9*^*TV;$JwRy8Zl*yUZi8jWYF>==j~&S|Xinsb%c z2?B+kpet*muEW7@AzjBA^wAJBY8i|#C{WtO_or&Nj2{=6JTTX05}|H>N2B|Wf!*3_ z7hW*j6p3TvpghEc6-wufFiY!%-GvOx*bZrhZu+7?iSrZL5q9}igiF^*R3%DE4aCHZ zqu>xS8LkW+Auv%z-<1Xs92u23R$nk@Pk}MU5!gT|c7vGlEA%G^2th&Q*zfg%-D^=f z&J_}jskj|Q;73NP4<4k*Y%pXPU2Thoqr+5uH1yEYM|VtBPW6lXaetokD0u z9qVek6Q&wk)tFbQ8(^HGf3Wp16gKmr>G;#G(HRBx?F`9AIRboK+;OfHaLJ(P>IP0w zyTbTkx_THEOs%Q&aPrxbZrJlio+hCC_HK<4%f3ZoSAyG7Dn`=X=&h@m*|UYO-4Hq0 z-Bq&+Ie!S##4A6OGoC~>ZW`Y5J)*ouaFl_e9GA*VSL!O_@xGiBw!AF}1{tB)z(w%c zS1Hmrb9OC8>0a_$BzeiN?rkPLc9%&;1CZW*4}CDDNr2gcl_3z+WC15&H1Zc2{o~i) z)LLW=WQ{?ricmC`G1GfJ0Yp4Dy~Ba;j6ZV4r{8xRs`13{dD!xXmr^Aga|C=iSmor% z8hi|pTXH)5Yf&v~exp3o+sY4B^^b*eYkkCYl*T{*=-0HniSA_1F53eCb{x~1k3*`W zr~};p1A`k{1DV9=UPnLDgz{aJH=-LQo<5%+Em!DNN252xwIf*wF_zS^!(XSm(9eoj z=*dXG&n0>)_)N5oc6v!>-bd(2ragD8O=M|wGW z!xJQS<)u70m&6OmrF0WSsr@I%T*c#Qo#Ha4d3COcX+9}hM5!7JIGF>7<~C(Ear^Sn zm^ZFkV6~Ula6+8S?oOROOA6$C&q&dp`>oR-2Ym3(HT@O7Sd5c~+kjrmM)YmgPH*tL zX+znN>`tv;5eOfX?h{AuX^LK~V#gPCu=)Tigtq9&?7Xh$qN|%A$?V*v=&-2F$zTUv z`C#WyIrChS5|Kgm_GeudCFf;)!WH7FI60j^0o#65o6`w*S7R@)88n$1nrgU(oU0M9 zx+EuMkC>(4j1;m6NoGqEkpJYJ?vc|B zOlwT3t&UgL!pX_P*6g36`ZXQ; z9~Cv}ANFnJGp(;ZhS(@FT;3e)0)Kp;h^x;$*xZn*k0U6-&FwI=uOGaODdrsp-!K$Ac32^c{+FhI-HkYd5v=`PGsg%6I`4d9Jy)uW0y%) zm&j^9WBAp*P8#kGJUhB!L?a%h$hJgQrx!6KCB_TRo%9{t0J7KW8!o1B!NC)VGLM5! zpZy5Jc{`r{1e(jd%jsG7k%I+m#CGS*BPA65ZVW~fLYw0dA-H_}O zrkGFL&P1PG9p2(%QiEWm6x;U-U&I#;Em$nx-_I^wtgw3xUPVVu zqSuKnx&dIT-XT+T10p;yjo1Y)z(x1fb8Dzfn8e yu?e%!_ptzGB|8GrCfu%p?(_ zQccdaaVK$5bz;*rnyK{_SQYM>;aES6Qs^lj9lEs6_J+%nIiuQC*fN;z8md>r_~Mfl zU%p5Dt_YT>gQqfr@`cR!$NWr~+`CZb%dn;WtzrAOI>P_JtsB76PYe*<%H(y>qx-`Kq!X_; z<{RpAqYhE=L1r*M)gNF3B8r(<%8mo*SR2hu zccLRZwGARt)Hlo1euqTyM>^!HK*!Q2P;4UYrysje@;(<|$&%vQekbn|0Ruu_Io(w4#%p6ld2Yp7tlA`Y$cciThP zKzNGIMPXX%&Ud0uQh!uQZz|FB`4KGD?3!ND?wQt6!n*f4EmCoJUh&b?;B{|lxs#F- z31~HQ`SF4x$&v00@(P+j1pAaj5!s`)b2RDBp*PB=2IB>oBF!*6vwr7Dp%zpAx*dPr zb@Zjq^XjN?O4QcZ*O+8>)|HlrR>oD*?WQl5ri3R#2?*W6iJ>>kH%KnnME&TT@ZzrHS$Q%LC?n|e>V+D+8D zYc4)QddFz7I8#}y#Wj6>4P%34dZH~OUDb?uP%-E zwjXM(?Sg~1!|wI(RVuxbu)-rH+O=igSho_pDCw(c6b=P zKk4ATlB?bj9+HHlh<_!&z0rx13K3ZrAR8W)!@Y}o`?a*JJsD+twZIv`W)@Y?Amu_u zz``@-e2X}27$i(2=9rvIu5uTUOVhzwu%mNazS|lZb&PT;XE2|B&W1>=B58#*!~D&) zfVmJGg8UdP*fx(>Cj^?yS^zH#o-$Q-*$SnK(ZVFkw+er=>N^7!)FtP3y~Xxnu^nzY zikgB>Nj0%;WOltWIob|}%lo?_C7<``a5hEkx&1ku$|)i>Rh6@3h*`slY=9U}(Ql_< zaNG*J8vb&@zpdhAvv`?{=zDedJ23TD&Zg__snRAH4eh~^oawdYi6A3w8<Ozh@Kw)#bdktM^GVb zrG08?0bG?|NG+w^&JvD*7LAbjED{_Zkc`3H!My>0u5Q}m!+6VokMLXxl`Mkd=g&Xx z-a>m*#G3SLlhbKB!)tnzfWOBV;u;ftU}S!NdD5+YtOjLg?X}dl>7m^gOpihrf1;PY zvll&>dIuUGs{Qnd- zwIR3oIrct8Va^Tm0t#(bJD7c$Z7DO9*7NnRZorrSm`b`cxz>OIC;jSE3DO8`hX955ui`s%||YQtt2 z5DNA&pG-V+4oI2s*x^>-$6J?p=I>C|9wZF8z;VjR??Icg?1w2v5Me+FgAeGGa8(3S z4vg*$>zC-WIVZtJ7}o9{D-7d>zCe|z#<9>CFve-OPAYsneTb^JH!Enaza#j}^mXy1 z+ULn^10+rWLF6j2>Ya@@Kq?26>AqK{A_| zQKb*~F1>sE*=d?A?W7N2j?L09_7n+HGi{VY;MoTGr_)G9)ot$p!-UY5zZ2Xtbm=t z@dpPSGwgH=QtIcEulQNI>S-#ifbnO5EWkI;$A|pxJd885oM+ zGZ0_0gDvG8q2xebj+fbCHYfAXuZStH2j~|d^sBAzo46(K8n59+T6rzBwK)^rfPT+B zyIFw)9YC-V^rhtK`!3jrhmW-sTmM+tPH+;nwjL#-SjQPUZ53L@A>y*rt(#M(qsiB2 zx6B)dI}6Wlsw%bJ8h|(lhkJVogQZA&n{?Vgs6gNSXzuZpEyu*xySy8ro07QZ7Vk1!3tJphN_5V7qOiyK8p z#@jcDD8nmtYi1^l8ml;AF<#IPK?!pqf9D4moYk>d99Im}Jtwj6c#+A;f)CQ*f-hZ< z=p_T86jog%!p)D&5g9taSwYi&eP z#JuEK%+NULWus;0w32-SYFku#i}d~+{Pkho&^{;RxzP&0!RCm3-9K6`>KZpnzS6?L z^H^V*s!8<>x8bomvD%rh>Zp3>Db%kyin;qtl+jAv8Oo~1g~mqGAC&Qi_wy|xEt2iz zWAJEfTV%cl2Cs<1L&DLRVVH05EDq`pH7Oh7sR`NNkL%wi}8n>IXcO40hp+J+sC!W?!krJf!GJNE8uj zg-y~Ns-<~D?yqbzVRB}G>0A^f0!^N7l=$m0OdZuqAOQqLc zX?AEGr1Ht+inZ-Qiwnl@Z0qukd__a!C*CKuGdy5#nD7VUBM^6OCpxCa2A(X;e0&V4 zM&WR8+wErQ7UIc6LY~Q9x%Sn*Tn>>P`^t&idaOEnOd(Ufw#>NoR^1QdhJ8s`h^|R_ zXX`c5*O~Xdvh%q;7L!_!ohf$NfEBmCde|#uVZvEo>OfEq%+Ns7&_f$OR9xsihRpBb z+cjk8LyDm@U{YN>+r46?nn{7Gh(;WhFw6GAxtcKD+YWV?uge>;+q#Xx4!GpRkVZYu zzsF}1)7$?%s9g9CH=Zs+B%M_)+~*j3L0&Q9u7!|+T`^O{xE6qvAP?XWv9_MrZKdo& z%IyU)$Q95AB4!#hT!_dA>4e@zjOBD*Y=XjtMm)V|+IXzjuM;(l+8aA5#Kaz_$rR6! zj>#&^DidYD$nUY(D$mH`9eb|dtV0b{S>H6FBfq>t5`;OxA4Nn{J(+XihF(stSche7$es&~N$epi&PDM_N`As;*9D^L==2Q7Z2zD+CiU(|+-kL*VG+&9!Yb3LgPy?A zm7Z&^qRG_JIxK7-FBzZI3Q<;{`DIxtc48k> zc|0dmX;Z=W$+)qE)~`yn6MdoJ4co;%!`ddy+FV538Y)j(vg}5*k(WK)KWZ3WaOG!8 z!syGn=s{H$odtpqFrT#JGM*utN7B((abXnpDM6w56nhw}OY}0TiTG1#f*VFZr+^-g zbP10`$LPq_;PvrA1XXlyx2uM^mrjTzX}w{yuLo-cOClE8MMk47T25G8M!9Z5ypOSV zAJUBGEg5L2fY)ZGJb^E34R2zJ?}Vf>{~gB!8=5Z) z9y$>5c)=;o0HeHHSuE4U)#vG&KF|I%-cF6f$~pdYJWk_dD}iOA>iA$O$+4%@>JU08 zS`ep)$XLPJ+n0_i@PkF#ri6T8?ZeAot$6JIYHm&P6EB=BiaNY|aA$W0I+nz*zkz_z zkEru!tj!QUffq%)8y0y`T&`fuus-1p>=^hnBiBqD^hXrPs`PY9tU3m0np~rISY09> z`P3s=-kt_cYcxWd{de@}TwSqg*xVhp;E9zCsnXo6z z?f&Sv^U7n4`xr=mXle94HzOdN!2kB~4=%)u&N!+2;z6UYKUDqi-s6AZ!haB;@&B`? z_TRX0%@suz^TRdCb?!vNJYPY8L_}&07uySH9%W^Tc&1pia6y1q#?*Drf}GjGbPjBS zbOPcUY#*$3sL2x4v_i*Y=N7E$mR}J%|GUI(>WEr+28+V z%v5{#e!UF*6~G&%;l*q*$V?&r$Pp^sE^i-0$+RH3ERUUdQ0>rAq2(2QAbG}$y{de( z>{qD~GGuOk559Y@%$?N^1ApVL_a704>8OD%8Y%8B;FCt%AoPu8*D1 zLB5X>b}Syz81pn;xnB}%0FnwazlWfUV)Z-~rZg6~b z6!9J$EcE&sEbzcy?CI~=boWA&eeIa%z(7SE^qgVLz??1Vbc1*aRvc%Mri)AJaAG!p z$X!_9Ds;Zz)f+;%s&dRcJt2==P{^j3bf0M=nJd&xwUGlUFn?H=2W(*2I2Gdu zv!gYCwM10aeus)`RIZSrCK=&oKaO_Ry~D1B5!y0R=%!i2*KfXGYX&gNv_u+n9wiR5 z*e$Zjju&ODRW3phN925%S(jL+bCHv6rZtc?!*`1TyYXT6%Ju=|X;6D@lq$8T zW{Y|e39ioPez(pBH%k)HzFITXHvnD6hw^lIoUMA;qAJ^CU?top1fo@s7xT13Fvn1H z6JWa-6+FJF#x>~+A;D~;VDs26>^oH0EI`IYT2iagy23?nyJ==i{g4%HrAf1-*v zK1)~@&(KkwR7TL}L(A@C_S0G;-GMDy=MJn2$FP5s<%wC)4jC5PXoxrQBFZ_k0P{{s@sz+gX`-!=T8rcB(=7vW}^K6oLWMmp(rwDh}b zwaGGd>yEy6fHv%jM$yJXo5oMAQ>c9j`**}F?MCry;T@47@r?&sKHgVe$MCqk#Z_3S z1GZI~nOEN*P~+UaFGnj{{Jo@16`(qVNtbU>O0Hf57-P>x8Jikp=`s8xWs^dAJ9lCQ z)GFm+=OV%AMVqVATtN@|vp61VVAHRn87}%PC^RAzJ%JngmZTasWBAWsoAqBU+8L8u z4A&Pe?fmTm0?mK-BL9t+{y7o(7jm+RpOhL9KnY#E&qu^}B6=K_dB}*VlSEiC9fn)+V=J;OnN)Ta5v66ic1rG+dGAJ1 z1%Zb_+!$=tQ~lxQrzv3x#CPb?CekEkA}0MYSgx$Jdd}q8+R=ma$|&1a#)TQ=l$1tQ z=tL9&_^vJ)Pk}EDO-va`UCT1m#Uty1{v^A3P~83_#v^ozH}6*9mIjIr;t3Uv%@VeW zGL6(CwCUp)Jq%G0bIG%?{_*Y#5IHf*5M@wPo6A{$Um++Co$wLC=J1aoG93&T7Ho}P z=mGEPP7GbvoG!uD$k(H3A$Z))+i{Hy?QHdk>3xSBXR0j!11O^mEe9RHmw!pvzv?Ua~2_l2Yh~_!s1qS`|0~0)YsbHSz8!mG)WiJE| z2f($6TQtt6L_f~ApQYQKSb=`053LgrQq7G@98#igV>y#i==-nEjQ!XNu9 z~;mE+gtj4IDDNQJ~JVk5Ux6&LCSFL!y=>79kE9=V}J7tD==Ga+IW zX)r7>VZ9dY=V&}DR))xUoV!u(Z|%3ciQi_2jl}3=$Agc(`RPb z8kEBpvY>1FGQ9W$n>Cq=DIpski};nE)`p3IUw1Oz0|wxll^)4dq3;CCY@RyJgFgc# zKouFh!`?Xuo{IMz^xi-h=StCis_M7yq$u) z?XHvw*HP0VgR+KR6wI)jEMX|ssqYvSf*_3W8zVTQzD?3>H!#>InzpSO)@SC8q*ii- z%%h}_#0{4JG;Jm`4zg};BPTGkYamx$Xo#O~lBirRY)q=5M45n{GCfV7h9qwyu1NxOMoP4)jjZMxmT|IQQh0U7C$EbnMN<3)Kk?fFHYq$d|ICu>KbY_hO zTZM+uKHe(cIZfEqyzyYSUBZa8;Fcut-GN!HSA9ius`ltNebF46ZX_BbZNU}}ZOm{M2&nANL9@0qvih15(|`S~z}m&h!u4x~(%MAO$jHRWNfuxWF#B)E&g3ghSQ9|> z(MFaLQj)NE0lowyjvg8z0#m6FIuKE9lDO~Glg}nSb7`~^&#(Lw{}GVOS>U)m8bF}x zVjbXljBm34Cs-yM6TVusr+3kYFjr28STT3g056y3cH5Tmge~ASxBj z%|yb>$eF;WgrcOZf569sDZOVwoo%8>XO>XQOX1OyN9I-SQgrm;U;+#3OI(zrWyow3 zk==|{lt2xrQ%FIXOTejR>;wv(Pb8u8}BUpx?yd(Abh6? zsoO3VYWkeLnF43&@*#MQ9-i-d0t*xN-UEyNKeyNMHw|A(k(_6QKO=nKMCxD(W(Yop zsRQ)QeL4X3Lxp^L%wzi2-WVSsf61dqliPUM7srDB?Wm6Lzn0&{*}|IsKQW;02(Y&| zaTKv|`U(pSzuvR6Rduu$wzK_W-Y-7>7s?G$)U}&uK;<>vU}^^ns@Z!p+9?St1s)dG zK%y6xkPyyS1$~&6v{kl?Md6gwM|>mt6Upm>oa8RLD^8T{0?HC!Z>;(Bob7el(DV6x zi`I)$&E&ngwFS@bi4^xFLAn`=fzTC;aimE^!cMI2n@Vo%Ae-ne`RF((&5y6xsjjAZ zVguVoQ?Z9uk$2ON;ersE%PU*xGO@T*;j1BO5#TuZKEf(mB7|g7pcEA=nYJ{s3vlbg zd4-DUlD{*6o%Gc^N!Nptgay>j6E5;3psI+C3Q!1ZIbeCubW%w4pq9)MSDyB{HLm|k zxv-{$$A*pS@csolri$Ge<4VZ}e~78JOL-EVyrbxKra^d{?|NnPp86!q>t<&IP07?Z z^>~IK^k#OEKgRH+LjllZXk7iA>2cfH6+(e&9ku5poo~6y{GC5>(bRK7hwjiurqAiZ zg*DmtgY}v83IjE&AbiWgMyFbaRUPZ{lYiz$U^&Zt2YjG<%m((&_JUbZcfJ22(>bi5 z!J?<7AySj0JZ&<-qXX;mcV!f~>G=sB0KnjWca4}vrtunD^1TrpfeS^4dvFr!65knK zZh`d;*VOkPs4*-9kL>$GP0`(M!j~B;#x?Ba~&s6CopvO86oM?-? zOw#dIRc;6A6T?B`Qp%^<U5 z19x(ywSH$_N+Io!6;e?`tWaM$`=Db!gzx|lQ${DG!zb1Zl&|{kX0y6xvO1o z220r<-oaS^^R2pEyY;=Qllqpmue|5yI~D|iI!IGt@iod{Opz@*ml^w2bNs)p`M(Io z|E;;m*Xpjd9l)4G#KaWfV(t8YUn@A;nK^#xgv=LtnArX|vWQVuw3}B${h+frU2>9^ z!l6)!Uo4`5k`<<;E(ido7M6lKTgWezNLq>U*=uz&s=cc$1%>VrAeOoUtA|T6gO4>UNqsdK=NF*8|~*sl&wI=x9-EGiq*aqV!(VVXA57 zw9*o6Ir8Lj1npUXvlevtn(_+^X5rzdR>#(}4YcB9O50q97%rW2me5_L=%ffYPUSRc z!vv?Kv>dH994Qi>U(a<0KF6NH5b16enCp+mw^Hb3Xs1^tThFpz!3QuN#}KBbww`(h z7GO)1olDqy6?T$()R7y%NYx*B0k_2IBiZ14&8|JPFxeMF{vSTxF-Vi3+ZOI=Thq2} zyQgjYY1_7^ZQHh{?P))4+qUiQJLi1&{yE>h?~jU%tjdV0h|FENbM3X(KnJdPKc?~k zh=^Ixv*+smUll!DTWH!jrV*wSh*(mx0o6}1@JExzF(#9FXgmTXVoU+>kDe68N)dkQ zH#_98Zv$}lQwjKL@yBd;U(UD0UCl322=pav<=6g>03{O_3oKTq;9bLFX1ia*lw;#K zOiYDcBJf)82->83N_Y(J7Kr_3lE)hAu;)Q(nUVydv+l+nQ$?|%MWTy`t>{havFSQloHwiIkGK9YZ79^9?AZo0ZyQlVR#}lF%dn5n%xYksXf8gnBm=wO7g_^! zauQ-bH1Dc@3ItZ-9D_*pH}p!IG7j8A_o94#~>$LR|TFq zZ-b00*nuw|-5C2lJDCw&8p5N~Z1J&TrcyErds&!l3$eSz%`(*izc;-?HAFD9AHb-| z>)id`QCrzRws^9(#&=pIx9OEf2rmlob8sK&xPCWS+nD~qzU|qG6KwA{zbikcfQrdH z+ zQg>O<`K4L8rN7`GJB0*3<3`z({lWe#K!4AZLsI{%z#ja^OpfjU{!{)x0ZH~RB0W5X zTwN^w=|nA!4PEU2=LR05x~}|B&ZP?#pNgDMwD*ajI6oJqv!L81gu=KpqH22avXf0w zX3HjbCI!n9>l046)5rr5&v5ja!xkKK42zmqHzPx$9Nn_MZk`gLeSLgC=LFf;H1O#B zn=8|^1iRrujHfbgA+8i<9jaXc;CQBAmQvMGQPhFec2H1knCK2x!T`e6soyrqCamX% zTQ4dX_E*8so)E*TB$*io{$c6X)~{aWfaqdTh=xEeGvOAN9H&-t5tEE-qso<+C!2>+ zskX51H-H}#X{A75wqFe-J{?o8Bx|>fTBtl&tcbdR|132Ztqu5X0i-pisB-z8n71%q%>EF}yy5?z=Ve`}hVh{Drv1YWL zW=%ug_&chF11gDv3D6B)Tz5g54H0mDHNjuKZ+)CKFk4Z|$RD zfRuKLW`1B>B?*RUfVd0+u8h3r-{@fZ{k)c!93t1b0+Q9vOaRnEn1*IL>5Z4E4dZ!7 ztp4GP-^1d>8~LMeb}bW!(aAnB1tM_*la=Xx)q(I0Y@__Zd$!KYb8T2VBRw%e$iSdZ zkwdMwd}eV9q*;YvrBFTv1>1+}{H!JK2M*C|TNe$ZSA>UHKk);wz$(F$rXVc|sI^lD zV^?_J!3cLM;GJuBMbftbaRUs$;F}HDEDtIeHQ)^EJJ1F9FKJTGH<(Jj`phE6OuvE) zqK^K`;3S{Y#1M@8yRQwH`?kHMq4tHX#rJ>5lY3DM#o@or4&^_xtBC(|JpGTfrbGkA z2Tu+AyT^pHannww!4^!$5?@5v`LYy~T`qs7SYt$JgrY(w%C+IWA;ZkwEF)u5sDvOK zGk;G>Mh&elvXDcV69J_h02l&O;!{$({fng9Rlc3ID#tmB^FIG^w{HLUpF+iB`|
NnX)EH+Nua)3Y(c z&{(nX_ht=QbJ%DzAya}!&uNu!4V0xI)QE$SY__m)SAKcN0P(&JcoK*Lxr@P zY&P=}&B3*UWNlc|&$Oh{BEqwK2+N2U$4WB7Fd|aIal`FGANUa9E-O)!gV`((ZGCc$ zBJA|FFrlg~9OBp#f7aHodCe{6= zay$6vN~zj1ddMZ9gQ4p32(7wD?(dE>KA2;SOzXRmPBiBc6g`eOsy+pVcHu=;Yd8@{ zSGgXf@%sKKQz~;!J;|2fC@emm#^_rnO0esEn^QxXgJYd`#FPWOUU5b;9eMAF zZhfiZb|gk8aJIw*YLp4!*(=3l8Cp{(%p?ho22*vN9+5NLV0TTazNY$B5L6UKUrd$n zjbX%#m7&F#U?QNOBXkiiWB*_tk+H?N3`vg;1F-I+83{M2!8<^nydGr5XX}tC!10&e z7D36bLaB56WrjL&HiiMVtpff|K%|*{t*ltt^5ood{FOG0<>k&1h95qPio)2`eL${YAGIx(b4VN*~nKn6E~SIQUuRH zQ+5zP6jfnP$S0iJ@~t!Ai3o`X7biohli;E zT#yXyl{bojG@-TGZzpdVDXhbmF%F9+-^YSIv|MT1l3j zrxOFq>gd2%U}?6}8mIj?M zc077Zc9fq(-)4+gXv?Az26IO6eV`RAJz8e3)SC7~>%rlzDwySVx*q$ygTR5kW2ds- z!HBgcq0KON9*8Ff$X0wOq$`T7ml(@TF)VeoF}x1OttjuVHn3~sHrMB++}f7f9H%@f z=|kP_?#+fve@{0MlbkC9tyvQ_R?lRdRJ@$qcB(8*jyMyeME5ns6ypVI1Xm*Zr{DuS zZ!1)rQfa89c~;l~VkCiHI|PCBd`S*2RLNQM8!g9L6?n`^evQNEwfO@&JJRme+uopQX0%Jo zgd5G&#&{nX{o?TQwQvF1<^Cg3?2co;_06=~Hcb6~4XWpNFL!WU{+CK;>gH%|BLOh7@!hsa(>pNDAmpcuVO-?;Bic17R}^|6@8DahH)G z!EmhsfunLL|3b=M0MeK2vqZ|OqUqS8npxwge$w-4pFVXFq$_EKrZY?BuP@Az@(k`L z`ViQBSk`y+YwRT;&W| z2e3UfkCo^uTA4}Qmmtqs+nk#gNr2W4 zTH%hhErhB)pkXR{B!q5P3-OM+M;qu~f>}IjtF%>w{~K-0*jPVLl?Chz&zIdxp}bjx zStp&Iufr58FTQ36AHU)0+CmvaOpKF;W@sMTFpJ`j;3d)J_$tNQI^c<^1o<49Z(~K> z;EZTBaVT%14(bFw2ob@?JLQ2@(1pCdg3S%E4*dJ}dA*v}_a4_P(a`cHnBFJxNobAv zf&Zl-Yt*lhn-wjZsq<9v-IsXxAxMZ58C@e0!rzhJ+D@9^3~?~yllY^s$?&oNwyH!#~6x4gUrfxplCvK#!f z$viuszW>MFEcFL?>ux*((!L$;R?xc*myjRIjgnQX79@UPD$6Dz0jutM@7h_pq z0Zr)#O<^y_K6jfY^X%A-ip>P%3saX{!v;fxT-*0C_j4=UMH+Xth(XVkVGiiKE#f)q z%Jp=JT)uy{&}Iq2E*xr4YsJ5>w^=#-mRZ4vPXpI6q~1aFwi+lQcimO45V-JXP;>(Q zo={U`{=_JF`EQj87Wf}{Qy35s8r1*9Mxg({CvOt}?Vh9d&(}iI-quvs-rm~P;eRA@ zG5?1HO}puruc@S{YNAF3vmUc2B4!k*yi))<5BQmvd3tr}cIs#9)*AX>t`=~{f#Uz0 z0&Nk!7sSZwJe}=)-R^$0{yeS!V`Dh7w{w5rZ9ir!Z7Cd7dwZcK;BT#V0bzTt>;@Cl z#|#A!-IL6CZ@eHH!CG>OO8!%G8&8t4)Ro@}USB*k>oEUo0LsljsJ-%5Mo^MJF2I8- z#v7a5VdJ-Cd%(a+y6QwTmi+?f8Nxtm{g-+WGL>t;s#epv7ug>inqimZCVm!uT5Pf6 ziEgQt7^%xJf#!aPWbuC_3Nxfb&CFbQy!(8ANpkWLI4oSnH?Q3f?0k1t$3d+lkQs{~(>06l&v|MpcFsyAv zin6N!-;pggosR*vV=DO(#+}4ps|5$`udE%Kdmp?G7B#y%H`R|i8skKOd9Xzx8xgR$>Zo2R2Ytktq^w#ul4uicxW#{ zFjG_RNlBroV_n;a7U(KIpcp*{M~e~@>Q#Av90Jc5v%0c>egEdY4v3%|K1XvB{O_8G zkTWLC>OZKf;XguMH2-Pw{BKbFzaY;4v2seZV0>^7Q~d4O=AwaPhP3h|!hw5aqOtT@ z!SNz}$of**Bl3TK209@F=Tn1+mgZa8yh(Png%Zd6Mt}^NSjy)etQrF zme*llAW=N_8R*O~d2!apJnF%(JcN??=`$qs3Y+~xs>L9x`0^NIn!8mMRFA_tg`etw z3k{9JAjnl@ygIiJcNHTy02GMAvBVqEss&t2<2mnw!; zU`J)0>lWiqVqo|ex7!+@0i>B~BSU1A_0w#Ee+2pJx0BFiZ7RDHEvE*ptc9md(B{&+ zKE>TM)+Pd>HEmdJao7U@S>nL(qq*A)#eLOuIfAS@j`_sK0UEY6OAJJ-kOrHG zjHx`g!9j*_jRcJ%>CE9K2MVf?BUZKFHY?EpV6ai7sET-tqk=nDFh-(65rhjtlKEY% z@G&cQ<5BKatfdA1FKuB=i>CCC5(|9TMW%K~GbA4}80I5%B}(gck#Wlq@$nO3%@QP_ z8nvPkJFa|znk>V92cA!K1rKtr)skHEJD;k8P|R8RkCq1Rh^&}Evwa4BUJz2f!2=MH zo4j8Y$YL2313}H~F7@J7mh>u%556Hw0VUOz-Un@ZASCL)y8}4XXS`t1AC*^>PLwIc zUQok5PFS=*#)Z!3JZN&eZ6ZDP^-c@StY*t20JhCnbMxXf=LK#;`4KHEqMZ-Ly9KsS zI2VUJGY&PmdbM+iT)zek)#Qc#_i4uH43 z@T5SZBrhNCiK~~esjsO9!qBpaWK<`>!-`b71Y5ReXQ4AJU~T2Njri1CEp5oKw;Lnm)-Y@Z3sEY}XIgSy%xo=uek(kAAH5MsV$V3uTUsoTzxp_rF=tx zV07vlJNKtJhCu`b}*#m&5LV4TAE&%KtHViDAdv#c^x`J7bg z&N;#I2GkF@SIGht6p-V}`!F_~lCXjl1BdTLIjD2hH$J^YFN`7f{Q?OHPFEM$65^!u zNwkelo*5+$ZT|oQ%o%;rBX$+?xhvjb)SHgNHE_yP%wYkkvXHS{Bf$OiKJ5d1gI0j< zF6N}Aq=(WDo(J{e-uOecxPD>XZ@|u-tgTR<972`q8;&ZD!cep^@B5CaqFz|oU!iFj zU0;6fQX&~15E53EW&w1s9gQQ~Zk16X%6 zjG`j0yq}4deX2?Tr(03kg>C(!7a|b9qFI?jcE^Y>-VhudI@&LI6Qa}WQ>4H_!UVyF z((cm&!3gmq@;BD#5P~0;_2qgZhtJS|>WdtjY=q zLnHH~Fm!cxw|Z?Vw8*~?I$g#9j&uvgm7vPr#&iZgPP~v~BI4jOv;*OQ?jYJtzO<^y z7-#C={r7CO810!^s(MT!@@Vz_SVU)7VBi(e1%1rvS!?PTa}Uv`J!EP3s6Y!xUgM^8 z4f!fq<3Wer_#;u!5ECZ|^c1{|q_lh3m^9|nsMR1#Qm|?4Yp5~|er2?W^7~cl;_r4WSme_o68J9p03~Hc%X#VcX!xAu%1`R!dfGJCp zV*&m47>s^%Ib0~-2f$6oSgn3jg8m%UA;ArcdcRyM5;}|r;)?a^D*lel5C`V5G=c~k zy*w_&BfySOxE!(~PI$*dwG><+-%KT5p?whOUMA*k<9*gi#T{h3DAxzAPxN&Xws8o9Cp*`PA5>d9*Z-ynV# z9yY*1WR^D8|C%I@vo+d8r^pjJ$>eo|j>XiLWvTWLl(^;JHCsoPgem6PvegHb-OTf| zvTgsHSa;BkbG=(NgPO|CZu9gUCGr$8*EoH2_Z#^BnxF0yM~t`|9ws_xZ8X8iZYqh! zAh;HXJ)3P&)Q0(&F>!LN0g#bdbis-cQxyGn9Qgh`q+~49Fqd2epikEUw9caM%V6WgP)532RMRW}8gNS%V%Hx7apSz}tn@bQy!<=lbhmAH=FsMD?leawbnP5BWM0 z5{)@EEIYMu5;u)!+HQWhQ;D3_Cm_NADNeb-f56}<{41aYq8p4=93d=-=q0Yx#knGYfXVt z+kMxlus}t2T5FEyCN~!}90O_X@@PQpuy;kuGz@bWft%diBTx?d)_xWd_-(!LmVrh**oKg!1CNF&LX4{*j|) zIvjCR0I2UUuuEXh<9}oT_zT#jOrJAHNLFT~Ilh9hGJPI1<5`C-WA{tUYlyMeoy!+U zhA#=p!u1R7DNg9u4|QfED-2TuKI}>p#2P9--z;Bbf4Op*;Q9LCbO&aL2i<0O$ByoI z!9;Ght733FC>Pz>$_mw(F`zU?`m@>gE`9_p*=7o=7av`-&ifU(^)UU`Kg3Kw`h9-1 z6`e6+im=|m2v`pN(2dE%%n8YyQz;#3Q-|x`91z?gj68cMrHl}C25|6(_dIGk*8cA3 zRHB|Nwv{@sP4W+YZM)VKI>RlB`n=Oj~Rzx~M+Khz$N$45rLn6k1nvvD^&HtsMA4`s=MmuOJID@$s8Ph4E zAmSV^+s-z8cfv~Yd(40Sh4JG#F~aB>WFoX7ykaOr3JaJ&Lb49=B8Vk-SQT9%7TYhv z?-Pprt{|=Y5ZQ1?od|A<_IJU93|l4oAfBm?3-wk{O<8ea+`}u%(kub(LFo2zFtd?4 zwpN|2mBNywv+d^y_8#<$r>*5+$wRTCygFLcrwT(qc^n&@9r+}Kd_u@Ithz(6Qb4}A zWo_HdBj#V$VE#l6pD0a=NfB0l^6W^g`vm^sta>Tly?$E&{F?TTX~DsKF~poFfmN%2 z4x`Dc{u{Lkqz&y!33;X}weD}&;7p>xiI&ZUb1H9iD25a(gI|`|;G^NwJPv=1S5e)j z;U;`?n}jnY6rA{V^ zxTd{bK)Gi^odL3l989DQlN+Zs39Xe&otGeY(b5>rlIqfc7Ap4}EC?j<{M=hlH{1+d zw|c}}yx88_xQr`{98Z!d^FNH77=u(p-L{W6RvIn40f-BldeF-YD>p6#)(Qzf)lfZj z?3wAMtPPp>vMehkT`3gToPd%|D8~4`5WK{`#+}{L{jRUMt zrFz+O$C7y8$M&E4@+p+oV5c%uYzbqd2Y%SSgYy#xh4G3hQv>V*BnuKQhBa#=oZB~w{azUB+q%bRe_R^ z>fHBilnRTUfaJ201czL8^~Ix#+qOHSO)A|xWLqOxB$dT2W~)e-r9;bm=;p;RjYahB z*1hegN(VKK+ztr~h1}YP@6cfj{e#|sS`;3tJhIJK=tVJ-*h-5y9n*&cYCSdg#EHE# zSIx=r#qOaLJoVVf6v;(okg6?*L_55atl^W(gm^yjR?$GplNP>BZsBYEf_>wM0Lc;T zhf&gpzOWNxS>m+mN92N0{;4uw`P+9^*|-1~$uXpggj4- z^SFc4`uzj2OwdEVT@}Q`(^EcQ_5(ZtXTql*yGzdS&vrS_w>~~ra|Nb5abwf}Y!uq6R5f&6g2ge~2p(%c< z@O)cz%%rr4*cRJ5f`n@lvHNk@lE1a*96Kw6lJ~B-XfJW%?&-y?;E&?1AacU@`N`!O z6}V>8^%RZ7SQnZ-z$(jsX`amu*5Fj8g!3RTRwK^`2_QHe;_2y_n|6gSaGyPmI#kA0sYV<_qOZc#-2BO%hX)f$s-Z3xlI!ub z^;3ru11DA`4heAu%}HIXo&ctujzE2!6DIGE{?Zs>2}J+p&C$rc7gJC35gxhflorvsb%sGOxpuWhF)dL_&7&Z99=5M0b~Qa;Mo!j&Ti_kXW!86N%n= zSC@6Lw>UQ__F&+&Rzv?gscwAz8IP!n63>SP)^62(HK98nGjLY2*e^OwOq`3O|C92? z;TVhZ2SK%9AGW4ZavTB9?)mUbOoF`V7S=XM;#3EUpR+^oHtdV!GK^nXzCu>tpR|89 zdD{fnvCaN^^LL%amZ^}-E+214g&^56rpdc@yv0b<3}Ys?)f|fXN4oHf$six)-@<;W&&_kj z-B}M5U*1sb4)77aR=@%I?|Wkn-QJVuA96an25;~!gq(g1@O-5VGo7y&E_srxL6ZfS z*R%$gR}dyONgju*D&?geiSj7SZ@ftyA|}(*Y4KbvU!YLsi1EDQQCnb+-cM=K1io78o!v*);o<XwjaQH%)uIP&Zm?)Nfbfn;jIr z)d#!$gOe3QHp}2NBak@yYv3m(CPKkwI|{;d=gi552u?xj9ObCU^DJFQp4t4e1tPzM zvsRIGZ6VF+{6PvqsplMZWhz10YwS={?`~O0Ec$`-!klNUYtzWA^f9m7tkEzCy<_nS z=&<(awFeZvt51>@o_~>PLs05CY)$;}Oo$VDO)?l-{CS1Co=nxjqben*O1BR>#9`0^ zkwk^k-wcLCLGh|XLjdWv0_Hg54B&OzCE^3NCP}~OajK-LuRW53CkV~Su0U>zN%yQP zH8UH#W5P3-!ToO-2k&)}nFe`t+mdqCxxAHgcifup^gKpMObbox9LFK;LP3}0dP-UW z?Zo*^nrQ6*$FtZ(>kLCc2LY*|{!dUn$^RW~m9leoF|@Jy|M5p-G~j%+P0_#orRKf8 zvuu5<*XO!B?1E}-*SY~MOa$6c%2cM+xa8}_8x*aVn~57v&W(0mqN1W`5a7*VN{SUH zXz98DDyCnX2EPl-`Lesf`=AQT%YSDb`$%;(jUTrNen$NPJrlpPDP}prI>Ml!r6bCT;mjsg@X^#&<}CGf0JtR{Ecwd&)2zuhr#nqdgHj+g2n}GK9CHuwO zk>oZxy{vcOL)$8-}L^iVfJHAGfwN$prHjYV0ju}8%jWquw>}_W6j~m<}Jf!G?~r5&Rx)!9JNX!ts#SGe2HzobV5); zpj@&`cNcO&q+%*<%D7za|?m5qlmFK$=MJ_iv{aRs+BGVrs)98BlN^nMr{V_fcl_;jkzRju+c-y?gqBC_@J0dFLq-D9@VN&-`R9U;nv$Hg?>$oe4N&Ht$V_(JR3TG^! zzJsbQbi zFE6-{#9{G{+Z}ww!ycl*7rRdmU#_&|DqPfX3CR1I{Kk;bHwF6jh0opI`UV2W{*|nn zf_Y@%wW6APb&9RrbEN=PQRBEpM(N1w`81s=(xQj6 z-eO0k9=Al|>Ej|Mw&G`%q8e$2xVz1v4DXAi8G};R$y)ww638Y=9y$ZYFDM$}vzusg zUf+~BPX>(SjA|tgaFZr_e0{)+z9i6G#lgt=F_n$d=beAt0Sa0a7>z-?vcjl3e+W}+ z1&9=|vC=$co}-Zh*%3588G?v&U7%N1Qf-wNWJ)(v`iO5KHSkC5&g7CrKu8V}uQGcfcz zmBz#Lbqwqy#Z~UzHgOQ;Q-rPxrRNvl(&u6ts4~0=KkeS;zqURz%!-ERppmd%0v>iRlEf+H$yl{_8TMJzo0 z>n)`On|7=WQdsqhXI?#V{>+~}qt-cQbokEbgwV3QvSP7&hK4R{Z{aGHVS3;+h{|Hz z6$Js}_AJr383c_+6sNR|$qu6dqHXQTc6?(XWPCVZv=)D#6_;D_8P-=zOGEN5&?~8S zl5jQ?NL$c%O)*bOohdNwGIKM#jSAC?BVY={@A#c9GmX0=T(0G}xs`-%f3r=m6-cpK z!%waekyAvm9C3%>sixdZj+I(wQlbB4wv9xKI*T13DYG^T%}zZYJ|0$Oj^YtY+d$V$ zAVudSc-)FMl|54n=N{BnZTM|!>=bhaja?o7s+v1*U$!v!qQ%`T-6fBvmdPbVmro&d zk07TOp*KuxRUSTLRrBj{mjsnF8`d}rMViY8j`jo~Hp$fkv9F_g(jUo#Arp;Xw0M$~ zRIN!B22~$kx;QYmOkos@%|5k)!QypDMVe}1M9tZfkpXKGOxvKXB!=lo`p?|R1l=tA zp(1}c6T3Fwj_CPJwVsYtgeRKg?9?}%oRq0F+r+kdB=bFUdVDRPa;E~~>2$w}>O>v=?|e>#(-Lyx?nbg=ckJ#5U6;RT zNvHhXk$P}m9wSvFyU3}=7!y?Y z=fg$PbV8d7g25&-jOcs{%}wTDKm>!Vk);&rr;O1nvO0VrU&Q?TtYVU=ir`te8SLlS zKSNmV=+vF|ATGg`4$N1uS|n??f}C_4Sz!f|4Ly8#yTW-FBfvS48Tef|-46C(wEO_%pPhUC5$-~Y?!0vFZ^Gu`x=m7X99_?C-`|h zfmMM&Y@zdfitA@KPw4Mc(YHcY1)3*1xvW9V-r4n-9ZuBpFcf{yz+SR{ zo$ZSU_|fgwF~aakGr(9Be`~A|3)B=9`$M-TWKipq-NqRDRQc}ABo*s_5kV%doIX7LRLRau_gd@Rd_aLFXGSU+U?uAqh z8qusWWcvgQ&wu{|sRXmv?sl=xc<$6AR$+cl& zFNh5q1~kffG{3lDUdvEZu5c(aAG~+64FxdlfwY^*;JSS|m~CJusvi-!$XR`6@XtY2 znDHSz7}_Bx7zGq-^5{stTRy|I@N=>*y$zz>m^}^{d&~h;0kYiq8<^Wq7Dz0w31ShO^~LUfW6rfitR0(=3;Uue`Y%y@ex#eKPOW zO~V?)M#AeHB2kovn1v=n^D?2{2jhIQd9t|_Q+c|ZFaWt+r&#yrOu-!4pXAJuxM+Cx z*H&>eZ0v8Y`t}8{TV6smOj=__gFC=eah)mZt9gwz>>W$!>b3O;Rm^Ig*POZP8Rl0f zT~o=Nu1J|lO>}xX&#P58%Yl z83`HRs5#32Qm9mdCrMlV|NKNC+Z~ z9OB8xk5HJ>gBLi+m@(pvpw)1(OaVJKs*$Ou#@Knd#bk+V@y;YXT?)4eP9E5{J%KGtYinNYJUH9PU3A}66c>Xn zZ{Bn0<;8$WCOAL$^NqTjwM?5d=RHgw3!72WRo0c;+houoUA@HWLZM;^U$&sycWrFd zE7ekt9;kb0`lps{>R(}YnXlyGY}5pPd9zBpgXeJTY_jwaJGSJQC#-KJqmh-;ad&F- z-Y)E>!&`Rz!HtCz>%yOJ|v(u7P*I$jqEY3}(Z-orn4 zlI?CYKNl`6I){#2P1h)y(6?i;^z`N3bxTV%wNvQW+eu|x=kbj~s8rhCR*0H=iGkSj zk23lr9kr|p7#qKL=UjgO`@UnvzU)`&fI>1Qs7ubq{@+lK{hH* zvl6eSb9%yngRn^T<;jG1SVa)eA>T^XX=yUS@NCKpk?ovCW1D@!=@kn;l_BrG;hOTC z6K&H{<8K#dI(A+zw-MWxS+~{g$tI7|SfP$EYKxA}LlVO^sT#Oby^grkdZ^^lA}uEF zBSj$weBJG{+Bh@Yffzsw=HyChS(dtLE3i*}Zj@~!_T-Ay7z=B)+*~3|?w`Zd)Co2t zC&4DyB!o&YgSw+fJn6`sn$e)29`kUwAc+1MND7YjV%lO;H2}fNy>hD#=gT ze+-aFNpyKIoXY~Vq-}OWPBe?Rfu^{ps8>Xy%42r@RV#*QV~P83jdlFNgkPN=T|Kt7 zV*M`Rh*30&AWlb$;ae130e@}Tqi3zx2^JQHpM>j$6x`#{mu%tZlwx9Gj@Hc92IuY* zarmT|*d0E~vt6<+r?W^UW0&#U&)8B6+1+;k^2|FWBRP9?C4Rk)HAh&=AS8FS|NQaZ z2j!iZ)nbEyg4ZTp-zHwVlfLC~tXIrv(xrP8PAtR{*c;T24ycA-;auWsya-!kF~CWZ zw_uZ|%urXgUbc@x=L=_g@QJ@m#5beS@6W195Hn7>_}z@Xt{DIEA`A&V82bc^#!q8$ zFh?z_Vn|ozJ;NPd^5uu(9tspo8t%&-U9Ckay-s@DnM*R5rtu|4)~e)`z0P-sy?)kc zs_k&J@0&0!q4~%cKL)2l;N*T&0;mqX5T{Qy60%JtKTQZ-xb%KOcgqwJmb%MOOKk7N zgq})R_6**{8A|6H?fO+2`#QU)p$Ei2&nbj6TpLSIT^D$|`TcSeh+)}VMb}LmvZ{O| ze*1IdCt3+yhdYVxcM)Q_V0bIXLgr6~%JS<<&dxIgfL=Vnx4YHuU@I34JXA|+$_S3~ zy~X#gO_X!cSs^XM{yzDGNM>?v(+sF#<0;AH^YrE8smx<36bUsHbN#y57K8WEu(`qHvQ6cAZPo=J5C(lSmUCZ57Rj6cx!e^rfaI5%w}unz}4 zoX=nt)FVNV%QDJH`o!u9olLD4O5fl)xp+#RloZlaA92o3x4->?rB4`gS$;WO{R;Z3>cG3IgFX2EA?PK^M}@%1%A;?f6}s&CV$cIyEr#q5;yHdNZ9h{| z-=dX+a5elJoDo?Eq&Og!nN6A)5yYpnGEp}?=!C-V)(*~z-+?kY1Q7qs#Rsy%hu_60rdbB+QQNr?S1 z?;xtjUv|*E3}HmuNyB9aFL5H~3Ho0UsmuMZELp1a#CA1g`P{-mT?BchuLEtK}!QZ=3AWakRu~?f9V~3F;TV`5%9Pcs_$gq&CcU}r8gOO zC2&SWPsSG{&o-LIGTBqp6SLQZPvYKp$$7L4WRRZ0BR$Kf0I0SCFkqveCp@f)o8W)! z$%7D1R`&j7W9Q9CGus_)b%+B#J2G;l*FLz#s$hw{BHS~WNLODV#(!u_2Pe&tMsq={ zdm7>_WecWF#D=?eMjLj=-_z`aHMZ=3_-&E8;ibPmM}61i6J3is*=dKf%HC>=xbj4$ zS|Q-hWQ8T5mWde6h@;mS+?k=89?1FU<%qH9B(l&O>k|u_aD|DY*@~(`_pb|B#rJ&g zR0(~(68fpUPz6TdS@4JT5MOPrqDh5_H(eX1$P2SQrkvN8sTxwV>l0)Qq z0pzTuvtEAKRDkKGhhv^jk%|HQ1DdF%5oKq5BS>szk-CIke{%js?~%@$uaN3^Uz6Wf z_iyx{bZ(;9y4X&>LPV=L=d+A}7I4GkK0c1Xts{rrW1Q7apHf-))`BgC^0^F(>At1* za@e7{lq%yAkn*NH8Q1{@{lKhRg*^TfGvv!Sn*ed*x@6>M%aaqySxR|oNadYt1mpUZ z6H(rupHYf&Z z29$5g#|0MX#aR6TZ$@eGxxABRKakDYtD%5BmKp;HbG_ZbT+=81E&=XRk6m_3t9PvD zr5Cqy(v?gHcYvYvXkNH@S#Po~q(_7MOuCAB8G$a9BC##gw^5mW16cML=T=ERL7wsk zzNEayTG?mtB=x*wc@ifBCJ|irFVMOvH)AFRW8WE~U()QT=HBCe@s$dA9O!@`zAAT) zaOZ7l6vyR+Nk_OOF!ZlZmjoImKh)dxFbbR~z(cMhfeX1l7S_`;h|v3gI}n9$sSQ>+3@AFAy9=B_y$)q;Wdl|C-X|VV3w8 z2S#>|5dGA8^9%Bu&fhmVRrTX>Z7{~3V&0UpJNEl0=N32euvDGCJ>#6dUSi&PxFW*s zS`}TB>?}H(T2lxBJ!V#2taV;q%zd6fOr=SGHpoSG*4PDaiG0pdb5`jelVipkEk%FV zThLc@Hc_AL1#D&T4D=w@UezYNJ%0=f3iVRuVL5H?eeZM}4W*bomebEU@e2d`M<~uW zf#Bugwf`VezG|^Qbt6R_=U0}|=k;mIIakz99*>FrsQR{0aQRP6ko?5<7bkDN8evZ& zB@_KqQG?ErKL=1*ZM9_5?Pq%lcS4uLSzN(Mr5=t6xHLS~Ym`UgM@D&VNu8e?_=nSFtF$u@hpPSmI4Vo_t&v?>$~K4y(O~Rb*(MFy_igM7 z*~yYUyR6yQgzWnWMUgDov!!g=lInM+=lOmOk4L`O?{i&qxy&D*_qorRbDwj6?)!ef z#JLd7F6Z2I$S0iYI={rZNk*<{HtIl^mx=h>Cim*04K4+Z4IJtd*-)%6XV2(MCscPiw_a+y*?BKbTS@BZ3AUao^%Zi#PhoY9Vib4N>SE%4>=Jco0v zH_Miey{E;FkdlZSq)e<{`+S3W=*ttvD#hB8w=|2aV*D=yOV}(&p%0LbEWH$&@$X3x~CiF-?ejQ*N+-M zc8zT@3iwkdRT2t(XS`d7`tJQAjRmKAhiw{WOqpuvFp`i@Q@!KMhwKgsA}%@sw8Xo5Y=F zhRJZg)O4uqNWj?V&&vth*H#je6T}}p_<>!Dr#89q@uSjWv~JuW(>FqoJ5^ho0%K?E z9?x_Q;kmcsQ@5=}z@tdljMSt9-Z3xn$k)kEjK|qXS>EfuDmu(Z8|(W?gY6-l z@R_#M8=vxKMAoi&PwnaIYw2COJM@atcgfr=zK1bvjW?9B`-+Voe$Q+H$j!1$Tjn+* z&LY<%)L@;zhnJlB^Og6I&BOR-m?{IW;tyYC%FZ!&Z>kGjHJ6cqM-F z&19n+e1=9AH1VrVeHrIzqlC`w9=*zfmrerF?JMzO&|Mmv;!4DKc(sp+jy^Dx?(8>1 zH&yS_4yL7m&GWX~mdfgH*AB4{CKo;+egw=PrvkTaoBU+P-4u?E|&!c z)DKc;>$$B6u*Zr1SjUh2)FeuWLWHl5TH(UHWkf zLs>7px!c5n;rbe^lO@qlYLzlDVp(z?6rPZel=YB)Uv&n!2{+Mb$-vQl=xKw( zve&>xYx+jW_NJh!FV||r?;hdP*jOXYcLCp>DOtJ?2S^)DkM{{Eb zS$!L$e_o0(^}n3tA1R3-$SNvgBq;DOEo}fNc|tB%%#g4RA3{|euq)p+xd3I8^4E&m zFrD%}nvG^HUAIKe9_{tXB;tl|G<%>yk6R;8L2)KUJw4yHJXUOPM>(-+jxq4R;z8H#>rnJy*)8N+$wA$^F zN+H*3t)eFEgxLw+Nw3};4WV$qj&_D`%ADV2%r zJCPCo%{=z7;`F98(us5JnT(G@sKTZ^;2FVitXyLe-S5(hV&Ium+1pIUB(CZ#h|g)u zSLJJ<@HgrDiA-}V_6B^x1>c9B6%~847JkQ!^KLZ2skm;q*edo;UA)~?SghG8;QbHh z_6M;ouo_1rq9=x$<`Y@EA{C%6-pEV}B(1#sDoe_e1s3^Y>n#1Sw;N|}8D|s|VPd+g z-_$QhCz`vLxxrVMx3ape1xu3*wjx=yKSlM~nFgkNWb4?DDr*!?U)L_VeffF<+!j|b zZ$Wn2$TDv3C3V@BHpSgv3JUif8%hk%OsGZ=OxH@8&4`bbf$`aAMchl^qN>Eyu3JH} z9-S!x8-s4fE=lad%Pkp8hAs~u?|uRnL48O|;*DEU! zuS0{cpk%1E0nc__2%;apFsTm0bKtd&A0~S3Cj^?72-*Owk3V!ZG*PswDfS~}2<8le z5+W^`Y(&R)yVF*tU_s!XMcJS`;(Tr`J0%>p=Z&InR%D3@KEzzI+-2)HK zuoNZ&o=wUC&+*?ofPb0a(E6(<2Amd6%uSu_^-<1?hsxs~0K5^f(LsGqgEF^+0_H=uNk9S0bb!|O8d?m5gQjUKevPaO+*VfSn^2892K~%crWM8+6 z25@V?Y@J<9w%@NXh-2!}SK_(X)O4AM1-WTg>sj1{lj5@=q&dxE^9xng1_z9w9DK>| z6Iybcd0e zyi;Ew!KBRIfGPGytQ6}z}MeXCfLY0?9%RiyagSp_D1?N&c{ zyo>VbJ4Gy`@Fv+5cKgUgs~na$>BV{*em7PU3%lloy_aEovR+J7TfQKh8BJXyL6|P8un-Jnq(ghd!_HEOh$zlv2$~y3krgeH;9zC}V3f`uDtW(%mT#944DQa~^8ZI+zAUu4U(j0YcDfKR$bK#gvn_{JZ>|gZ5+)u?T$w7Q%F^;!Wk?G z(le7r!ufT*cxS}PR6hIVtXa)i`d$-_1KkyBU>qmgz-=T};uxx&sKgv48akIWQ89F{ z0XiY?WM^~;|T8zBOr zs#zuOONzH?svv*jokd5SK8wG>+yMC)LYL|vLqm^PMHcT=`}V$=nIRHe2?h)8WQa6O zPAU}d`1y(>kZiP~Gr=mtJLMu`i<2CspL|q2DqAgAD^7*$xzM`PU4^ga`ilE134XBQ z99P(LhHU@7qvl9Yzg$M`+dlS=x^(m-_3t|h>S}E0bcFMn=C|KamQ)=w2^e)35p`zY zRV8X?d;s^>Cof2SPR&nP3E+-LCkS0J$H!eh8~k0qo$}00b=7!H_I2O+Ro@3O$nPdm ztmbOO^B+IHzQ5w>@@@J4cKw5&^_w6s!s=H%&byAbUtczPQ7}wfTqxxtQNfn*u73Qw zGuWsrky_ajPx-5`R<)6xHf>C(oqGf_Fw|-U*GfS?xLML$kv;h_pZ@Kk$y0X(S+K80 z6^|z)*`5VUkawg}=z`S;VhZhxyDfrE0$(PMurAxl~<>lfZa>JZ288ULK7D` zl9|#L^JL}Y$j*j`0-K6kH#?bRmg#5L3iB4Z)%iF@SqT+Lp|{i`m%R-|ZE94Np7Pa5 zCqC^V3}B(FR340pmF*qaa}M}+h6}mqE~7Sh!9bDv9YRT|>vBNAqv09zXHMlcuhKD| zcjjA(b*XCIwJ33?CB!+;{)vX@9xns_b-VO{i0y?}{!sdXj1GM8+$#v>W7nw;+O_9B z_{4L;C6ol?(?W0<6taGEn1^uG=?Q3i29sE`RfYCaV$3DKc_;?HsL?D_fSYg}SuO5U zOB_f4^vZ_x%o`5|C@9C5+o=mFy@au{s)sKw!UgC&L35aH(sgDxRE2De%(%OT=VUdN ziVLEmdOvJ&5*tCMKRyXctCwQu_RH%;m*$YK&m;jtbdH#Ak~13T1^f89tn`A%QEHWs~jnY~E}p_Z$XC z=?YXLCkzVSK+Id`xZYTegb@W8_baLt-Fq`Tv|=)JPbFsKRm)4UW;yT+J`<)%#ue9DPOkje)YF2fsCilK9MIIK>p*`fkoD5nGfmLwt)!KOT+> zOFq*VZktDDyM3P5UOg`~XL#cbzC}eL%qMB=Q5$d89MKuN#$6|4gx_Jt0Gfn8w&q}%lq4QU%6#jT*MRT% zrLz~C8FYKHawn-EQWN1B75O&quS+Z81(zN)G>~vN8VwC+e+y(`>HcxC{MrJ;H1Z4k zZWuv$w_F0-Ub%MVcpIc){4PGL^I7M{>;hS?;eH!;gmcOE66z3;Z1Phqo(t zVP(Hg6q#0gIKgsg7L7WE!{Y#1nI(45tx2{$34dDd#!Z0NIyrm)HOn5W#7;f4pQci# zDW!FI(g4e668kI9{2+mLwB+=#9bfqgX%!B34V-$wwSN(_cm*^{y0jQtv*4}eO^sOV z*9xoNvX)c9isB}Tgx&ZRjp3kwhTVK?r9;n!x>^XYT z@Q^7zp{rkIs{2mUSE^2!Gf6$6;j~&4=-0cSJJDizZp6LTe8b45;{AKM%v99}{{FfC zz709%u0mC=1KXTo(=TqmZQ;c?$M3z(!xah>aywrj40sc2y3rKFw4jCq+Y+u=CH@_V zxz|qeTwa>+<|H%8Dz5u>ZI5MmjTFwXS-Fv!TDd*`>3{krWoNVx$<133`(ftS?ZPyY z&4@ah^3^i`vL$BZa>O|Nt?ucewzsF)0zX3qmM^|waXr=T0pfIb0*$AwU=?Ipl|1Y; z*Pk6{C-p4MY;j@IJ|DW>QHZQJcp;Z~?8(Q+Kk3^0qJ}SCk^*n4W zu9ZFwLHUx-$6xvaQ)SUQcYd6fF8&x)V`1bIuX@>{mE$b|Yd(qomn3;bPwnDUc0F=; zh*6_((%bqAYQWQ~odER?h>1mkL4kpb3s7`0m@rDKGU*oyF)$j~Ffd4fXV$?`f~rHf zB%Y)@5SXZvfwm10RY5X?TEo)PK_`L6qgBp=#>fO49$D zDq8Ozj0q6213tV5Qq=;fZ0$|KroY{Dz=l@lU^J)?Ko@ti20TRplXzphBi>XGx4bou zEWrkNjz0t5j!_ke{g5I#PUlEU$Km8g8TE|XK=MkU@PT4T><2OVamoK;wJ}3X0L$vX zgd7gNa359*nc)R-0!`2X@FOTB`+oETOPc=ubp5R)VQgY+5BTZZJ2?9QwnO=dnulIUF3gFn;BODC2)65)HeVd%t86sL7Rv^Y+nbn+&l z6BAJY(ETvwI)Ts$aiE8rht4KD*qNyE{8{x6R|%akbTBzw;2+6Echkt+W+`u^XX z_z&x%n '} + case $link in #( + /*) app_path=$link ;; #( + *) app_path=$APP_HOME$link ;; + esac +done + +# This is normally unused +# shellcheck disable=SC2034 +APP_BASE_NAME=${0##*/} +# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036) +APP_HOME=$( cd "${APP_HOME:-./}" > /dev/null && pwd -P ) || exit + +# Use the maximum available, or set MAX_FD != -1 to use that value. +MAX_FD=maximum + +warn () { + echo "$*" +} >&2 + +die () { + echo + echo "$*" + echo + exit 1 +} >&2 + +# OS specific support (must be 'true' or 'false'). +cygwin=false +msys=false +darwin=false +nonstop=false +case "$( uname )" in #( + CYGWIN* ) cygwin=true ;; #( + Darwin* ) darwin=true ;; #( + MSYS* | MINGW* ) msys=true ;; #( + NONSTOP* ) nonstop=true ;; +esac + +CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar + + +# Determine the Java command to use to start the JVM. +if [ -n "$JAVA_HOME" ] ; then + if [ -x "$JAVA_HOME/jre/sh/java" ] ; then + # IBM's JDK on AIX uses strange locations for the executables + JAVACMD=$JAVA_HOME/jre/sh/java + else + JAVACMD=$JAVA_HOME/bin/java + fi + if [ ! -x "$JAVACMD" ] ; then + die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." + fi +else + JAVACMD=java + if ! command -v java >/dev/null 2>&1 + then + die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." + fi +fi + +# Increase the maximum file descriptors if we can. +if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then + case $MAX_FD in #( + max*) + # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked. + # shellcheck disable=SC2039,SC3045 + MAX_FD=$( ulimit -H -n ) || + warn "Could not query maximum file descriptor limit" + esac + case $MAX_FD in #( + '' | soft) :;; #( + *) + # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked. + # shellcheck disable=SC2039,SC3045 + ulimit -n "$MAX_FD" || + warn "Could not set maximum file descriptor limit to $MAX_FD" + esac +fi + +# Collect all arguments for the java command, stacking in reverse order: +# * args from the command line +# * the main class name +# * -classpath +# * -D...appname settings +# * --module-path (only if needed) +# * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables. + +# For Cygwin or MSYS, switch paths to Windows format before running java +if "$cygwin" || "$msys" ; then + APP_HOME=$( cygpath --path --mixed "$APP_HOME" ) + CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" ) + + JAVACMD=$( cygpath --unix "$JAVACMD" ) + + # Now convert the arguments - kludge to limit ourselves to /bin/sh + for arg do + if + case $arg in #( + -*) false ;; # don't mess with options #( + /?*) t=${arg#/} t=/${t%%/*} # looks like a POSIX filepath + [ -e "$t" ] ;; #( + *) false ;; + esac + then + arg=$( cygpath --path --ignore --mixed "$arg" ) + fi + # Roll the args list around exactly as many times as the number of + # args, so each arg winds up back in the position where it started, but + # possibly modified. + # + # NB: a `for` loop captures its iteration list before it begins, so + # changing the positional parameters here affects neither the number of + # iterations, nor the values presented in `arg`. + shift # remove old arg + set -- "$@" "$arg" # push replacement arg + done +fi + + +# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' + +# Collect all arguments for the java command: +# * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments, +# and any embedded shellness will be escaped. +# * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be +# treated as '${Hostname}' itself on the command line. + +set -- \ + "-Dorg.gradle.appname=$APP_BASE_NAME" \ + -classpath "$CLASSPATH" \ + org.gradle.wrapper.GradleWrapperMain \ + "$@" + +# Stop when "xargs" is not available. +if ! command -v xargs >/dev/null 2>&1 +then + die "xargs is not available" +fi + +# Use "xargs" to parse quoted args. +# +# With -n1 it outputs one arg per line, with the quotes and backslashes removed. +# +# In Bash we could simply go: +# +# readarray ARGS < <( xargs -n1 <<<"$var" ) && +# set -- "${ARGS[@]}" "$@" +# +# but POSIX shell has neither arrays nor command substitution, so instead we +# post-process each arg (as a line of input to sed) to backslash-escape any +# character that might be a shell metacharacter, then use eval to reverse +# that process (while maintaining the separation between arguments), and wrap +# the whole thing up as a single "set" statement. +# +# This will of course break if any of these variables contains a newline or +# an unmatched quote. +# + +eval "set -- $( + printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" | + xargs -n1 | + sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' | + tr '\n' ' ' + )" '"$@"' + +exec "$JAVACMD" "$@" diff --git a/gradlew.bat b/gradlew.bat new file mode 100644 index 0000000..25da30d --- /dev/null +++ b/gradlew.bat @@ -0,0 +1,92 @@ +@rem +@rem Copyright 2015 the original author or authors. +@rem +@rem Licensed under the Apache License, Version 2.0 (the "License"); +@rem you may not use this file except in compliance with the License. +@rem You may obtain a copy of the License at +@rem +@rem https://www.apache.org/licenses/LICENSE-2.0 +@rem +@rem Unless required by applicable law or agreed to in writing, software +@rem distributed under the License is distributed on an "AS IS" BASIS, +@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +@rem See the License for the specific language governing permissions and +@rem limitations under the License. +@rem + +@if "%DEBUG%"=="" @echo off +@rem ########################################################################## +@rem +@rem Gradle startup script for Windows +@rem +@rem ########################################################################## + +@rem Set local scope for the variables with windows NT shell +if "%OS%"=="Windows_NT" setlocal + +set DIRNAME=%~dp0 +if "%DIRNAME%"=="" set DIRNAME=. +@rem This is normally unused +set APP_BASE_NAME=%~n0 +set APP_HOME=%DIRNAME% + +@rem Resolve any "." and ".." in APP_HOME to make it shorter. +for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi + +@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m" + +@rem Find java.exe +if defined JAVA_HOME goto findJavaFromJavaHome + +set JAVA_EXE=java.exe +%JAVA_EXE% -version >NUL 2>&1 +if %ERRORLEVEL% equ 0 goto execute + +echo. 1>&2 +echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2 +echo. 1>&2 +echo Please set the JAVA_HOME variable in your environment to match the 1>&2 +echo location of your Java installation. 1>&2 + +goto fail + +:findJavaFromJavaHome +set JAVA_HOME=%JAVA_HOME:"=% +set JAVA_EXE=%JAVA_HOME%/bin/java.exe + +if exist "%JAVA_EXE%" goto execute + +echo. 1>&2 +echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2 +echo. 1>&2 +echo Please set the JAVA_HOME variable in your environment to match the 1>&2 +echo location of your Java installation. 1>&2 + +goto fail + +:execute +@rem Setup the command line + +set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar + + +@rem Execute Gradle +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %* + +:end +@rem End local scope for the variables with windows NT shell +if %ERRORLEVEL% equ 0 goto mainEnd + +:fail +rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of +rem the _cmd.exe /c_ return code! +set EXIT_CODE=%ERRORLEVEL% +if %EXIT_CODE% equ 0 set EXIT_CODE=1 +if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE% +exit /b %EXIT_CODE% + +:mainEnd +if "%OS%"=="Windows_NT" endlocal + +:omega diff --git a/settings.gradle b/settings.gradle new file mode 100644 index 0000000..cf4dbeb --- /dev/null +++ b/settings.gradle @@ -0,0 +1 @@ +rootProject.name = 'choco-express' diff --git a/src/main/java/dgu/choco_express/ChocoExpressApplication.java b/src/main/java/dgu/choco_express/ChocoExpressApplication.java new file mode 100644 index 0000000..f97302a --- /dev/null +++ b/src/main/java/dgu/choco_express/ChocoExpressApplication.java @@ -0,0 +1,13 @@ +package dgu.choco_express; + +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; + +@SpringBootApplication +public class ChocoExpressApplication { + + public static void main(String[] args) { + SpringApplication.run(ChocoExpressApplication.class, args); + } + +} diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml new file mode 100644 index 0000000..57e4391 --- /dev/null +++ b/src/main/resources/application.yml @@ -0,0 +1,13 @@ +spring: + profiles: + default: local +--- +spring: + config: + activate: + on-profile: local +--- +spring: + config: + activate: + on-profile: prod \ No newline at end of file diff --git a/src/test/java/dgu/choco_express/ChocoExpressApplicationTests.java b/src/test/java/dgu/choco_express/ChocoExpressApplicationTests.java new file mode 100644 index 0000000..4620deb --- /dev/null +++ b/src/test/java/dgu/choco_express/ChocoExpressApplicationTests.java @@ -0,0 +1,13 @@ +package dgu.choco_express; + +import org.junit.jupiter.api.Test; +import org.springframework.boot.test.context.SpringBootTest; + +@SpringBootTest +class ChocoExpressApplicationTests { + + @Test + void contextLoads() { + } + +} From f58a2e9c68c3e1e700ceb0775fcf7a9e8735d27c Mon Sep 17 00:00:00 2001 From: JeongHeumChoi Date: Thu, 29 Aug 2024 21:46:02 +0900 Subject: [PATCH 02/11] =?UTF-8?q?Feat:=20=EC=8A=A4=ED=94=84=EB=A7=81=20?= =?UTF-8?q?=EC=8B=9C=ED=81=90=EB=A6=AC=ED=8B=B0,=20oauth2=20=EB=B0=8F=20?= =?UTF-8?q?=EA=B8=B0=EB=B3=B8=20=EC=84=A4=EC=A0=95=20=EC=99=84=EB=A3=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/deploy.yml | 90 ++++++++++++++++++ .../dgu/choco_express/annotation/UserId.java | 11 +++ .../config/JpaAuditingConfiguration.java | 9 ++ .../dgu/choco_express/constant/Constants.java | 17 ++++ .../domain/global/BaseTimeEntity.java | 24 +++++ .../domain/refreshToken/RefreshToken.java | 30 ++++++ .../choco_express/domain/user/EProvider.java | 14 +++ .../dgu/choco_express/domain/user/ERole.java | 15 +++ .../dgu/choco_express/domain/user/User.java | 63 +++++++++++++ .../choco_express/dto/common/ResponseDto.java | 31 +++++++ .../dto/jwt/response/JwtDto.java | 18 ++++ .../exception/CommonException.java | 17 ++++ .../choco_express/exception/ErrorCode.java | 9 ++ .../exception/ErrorResponse.java | 29 ++++++ .../exception/GlobalErrorCode.java | 64 +++++++++++++ .../exception/UserErrorCode.java | 16 ++++ .../interceptor/post/ResponseInterceptor.java | 34 +++++++ .../pre/UserIdArgumentResolver.java | 35 +++++++ .../interceptor/pre/UserIdInterceptor.java | 21 +++++ .../repository/RefreshTokenRepository.java | 7 ++ .../repository/UserRepository.java | 21 +++++ .../repository/UserSecurityForm.java | 23 +++++ .../security/config/SecurityConfig.java | 76 +++++++++++++++ .../filter/JwtAuthenticationFilter.java | 75 +++++++++++++++ .../security/filter/JwtExceptionFilter.java | 68 ++++++++++++++ .../exception/CustomAccessDeniedHandler.java | 25 +++++ ...CustomAuthenticationEntryPointHandler.java | 29 ++++++ .../handler/login/Oauth2FailureHandler.java | 25 +++++ .../handler/login/Oauth2SuccessHandler.java | 47 ++++++++++ .../logout/CustomLogoutProcessHandler.java | 39 ++++++++ .../logout/CustomLogoutResultHandler.java | 25 +++++ .../security/info/AuthenticationResponse.java | 67 +++++++++++++ .../security/info/JwtUserInfo.java | 7 ++ .../security/info/KakaoOauth2UserInfo.java | 22 +++++ .../security/info/UserPrincipal.java | 93 +++++++++++++++++++ .../security/info/factory/Oauth2UserInfo.java | 14 +++ .../info/factory/Oauth2UserInfoFactory.java | 22 +++++ .../provider/JwtAuthenticationManager.java | 21 +++++ .../provider/JwtAuthenticationProvider.java | 55 +++++++++++ .../CustomOauth2UserDetailService.java | 59 ++++++++++++ .../service/CustomUserDetailService.java | 36 +++++++ .../dgu/choco_express/service/JwtService.java | 32 +++++++ .../dgu/choco_express/util/CookieUtil.java | 85 +++++++++++++++++ .../dgu/choco_express/util/HeaderUtil.java | 22 +++++ .../java/dgu/choco_express/util/JwtUtil.java | 70 ++++++++++++++ 45 files changed, 1612 insertions(+) create mode 100644 .github/workflows/deploy.yml create mode 100644 src/main/java/dgu/choco_express/annotation/UserId.java create mode 100644 src/main/java/dgu/choco_express/config/JpaAuditingConfiguration.java create mode 100644 src/main/java/dgu/choco_express/constant/Constants.java create mode 100644 src/main/java/dgu/choco_express/domain/global/BaseTimeEntity.java create mode 100644 src/main/java/dgu/choco_express/domain/refreshToken/RefreshToken.java create mode 100644 src/main/java/dgu/choco_express/domain/user/EProvider.java create mode 100644 src/main/java/dgu/choco_express/domain/user/ERole.java create mode 100644 src/main/java/dgu/choco_express/domain/user/User.java create mode 100644 src/main/java/dgu/choco_express/dto/common/ResponseDto.java create mode 100644 src/main/java/dgu/choco_express/dto/jwt/response/JwtDto.java create mode 100644 src/main/java/dgu/choco_express/exception/CommonException.java create mode 100644 src/main/java/dgu/choco_express/exception/ErrorCode.java create mode 100644 src/main/java/dgu/choco_express/exception/ErrorResponse.java create mode 100644 src/main/java/dgu/choco_express/exception/GlobalErrorCode.java create mode 100644 src/main/java/dgu/choco_express/exception/UserErrorCode.java create mode 100644 src/main/java/dgu/choco_express/interceptor/post/ResponseInterceptor.java create mode 100644 src/main/java/dgu/choco_express/interceptor/pre/UserIdArgumentResolver.java create mode 100644 src/main/java/dgu/choco_express/interceptor/pre/UserIdInterceptor.java create mode 100644 src/main/java/dgu/choco_express/repository/RefreshTokenRepository.java create mode 100644 src/main/java/dgu/choco_express/repository/UserRepository.java create mode 100644 src/main/java/dgu/choco_express/repository/UserSecurityForm.java create mode 100644 src/main/java/dgu/choco_express/security/config/SecurityConfig.java create mode 100644 src/main/java/dgu/choco_express/security/filter/JwtAuthenticationFilter.java create mode 100644 src/main/java/dgu/choco_express/security/filter/JwtExceptionFilter.java create mode 100644 src/main/java/dgu/choco_express/security/handler/exception/CustomAccessDeniedHandler.java create mode 100644 src/main/java/dgu/choco_express/security/handler/exception/CustomAuthenticationEntryPointHandler.java create mode 100644 src/main/java/dgu/choco_express/security/handler/login/Oauth2FailureHandler.java create mode 100644 src/main/java/dgu/choco_express/security/handler/login/Oauth2SuccessHandler.java create mode 100644 src/main/java/dgu/choco_express/security/handler/logout/CustomLogoutProcessHandler.java create mode 100644 src/main/java/dgu/choco_express/security/handler/logout/CustomLogoutResultHandler.java create mode 100644 src/main/java/dgu/choco_express/security/info/AuthenticationResponse.java create mode 100644 src/main/java/dgu/choco_express/security/info/JwtUserInfo.java create mode 100644 src/main/java/dgu/choco_express/security/info/KakaoOauth2UserInfo.java create mode 100644 src/main/java/dgu/choco_express/security/info/UserPrincipal.java create mode 100644 src/main/java/dgu/choco_express/security/info/factory/Oauth2UserInfo.java create mode 100644 src/main/java/dgu/choco_express/security/info/factory/Oauth2UserInfoFactory.java create mode 100644 src/main/java/dgu/choco_express/security/provider/JwtAuthenticationManager.java create mode 100644 src/main/java/dgu/choco_express/security/provider/JwtAuthenticationProvider.java create mode 100644 src/main/java/dgu/choco_express/security/service/CustomOauth2UserDetailService.java create mode 100644 src/main/java/dgu/choco_express/security/service/CustomUserDetailService.java create mode 100644 src/main/java/dgu/choco_express/service/JwtService.java create mode 100644 src/main/java/dgu/choco_express/util/CookieUtil.java create mode 100644 src/main/java/dgu/choco_express/util/HeaderUtil.java create mode 100644 src/main/java/dgu/choco_express/util/JwtUtil.java diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 0000000..9d464ad --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,90 @@ +name: deploy-actions + +on: + push: + branches: [ "main" ] + +jobs: + ci: + runs-on: ubuntu-20.04 + + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + token: ${{ secrets.GIT_TOKEN }} + submodules: true + + - name: Set up JDK 17 + uses: actions/setup-java@v3 + with: + java-version: 17 + distribution: 'temurin' + + - name: Grant execute permission for gradlew + run: chmod +x gradlew + + - name: Build with Gradle + run: ./gradlew clean build -x test + + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Build and push + uses: docker/build-push-action@v4 + with: + context: . + file: ./Dockerfile + push: true + tags: ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKERHUB_PROD_REPONAME }}:0.0.1 + + cd1: + needs: [ci] + runs-on: ubuntu-20.04 + + steps: + - name: Docker Image Pull And Container Run + uses: appleboy/ssh-action@v1.0.0 + with: + key: ${{ secrets.SSH_PRIVATE_KEY_1 }} + host: ${{ secrets.SSH_HOST_1 }} + username: ${{ secrets.SSH_USERNAME }} + port: ${{ 22 }} + script: | + sh /home/ubuntu/deploy.sh + + cd2: + needs: [ci] + runs-on: ubuntu-20.04 + + steps: + - name: Docker Image Pull And Container Run + uses: appleboy/ssh-action@v1.0.0 + with: + key: ${{ secrets.SSH_PRIVATE_KEY_2 }} + host: ${{ secrets.SSH_HOST_2 }} + username: ${{ secrets.SSH_USERNAME }} + port: ${{ 22 }} + script: | + sh /home/ubuntu/deploy.sh + + cd3: + needs: [ci] + runs-on: ubuntu-20.04 + + steps: + - name: Docker Image Pull And Container Run + uses: appleboy/ssh-action@v1.0.0 + with: + key: ${{ secrets.SSH_PRIVATE_KEY_3 }} + host: ${{ secrets.SSH_HOST_3 }} + username: ${{ secrets.SSH_USERNAME }} + port: ${{ 22 }} + script: | + sh /home/ubuntu/deploy.sh diff --git a/src/main/java/dgu/choco_express/annotation/UserId.java b/src/main/java/dgu/choco_express/annotation/UserId.java new file mode 100644 index 0000000..f046f8e --- /dev/null +++ b/src/main/java/dgu/choco_express/annotation/UserId.java @@ -0,0 +1,11 @@ +package dgu.choco_express.annotation; + +import java.lang.annotation.ElementType; +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; +import java.lang.annotation.Target; + +@Target(ElementType.PARAMETER) +@Retention(RetentionPolicy.RUNTIME) +public @interface UserId { +} diff --git a/src/main/java/dgu/choco_express/config/JpaAuditingConfiguration.java b/src/main/java/dgu/choco_express/config/JpaAuditingConfiguration.java new file mode 100644 index 0000000..b0f38cb --- /dev/null +++ b/src/main/java/dgu/choco_express/config/JpaAuditingConfiguration.java @@ -0,0 +1,9 @@ +package dgu.choco_express.config; + +import org.springframework.context.annotation.Configuration; +import org.springframework.data.jpa.repository.config.EnableJpaAuditing; + +@Configuration +@EnableJpaAuditing +public class JpaAuditingConfiguration { +} diff --git a/src/main/java/dgu/choco_express/constant/Constants.java b/src/main/java/dgu/choco_express/constant/Constants.java new file mode 100644 index 0000000..fbe4165 --- /dev/null +++ b/src/main/java/dgu/choco_express/constant/Constants.java @@ -0,0 +1,17 @@ +package dgu.choco_express.constant; + +import java.util.List; + +public class Constants { + public static String CLAIM_USER_ID = "uuid"; + public static String CLAIM_USER_ROLE = "role"; + public static String PREFIX_BEARER = "Bearer "; + public static String PREFIX_AUTH = "authorization"; + public static String ACCESS_COOKIE_NAME = "access_token"; + public static String REFRESH_COOKIE_NAME = "refresh_token"; + public static List NO_NEED_AUTH = List.of( + "/api/auth/sign-up", + "/api/auth/sign-in", + "/oauth2/authorization/kakao" + ); +} diff --git a/src/main/java/dgu/choco_express/domain/global/BaseTimeEntity.java b/src/main/java/dgu/choco_express/domain/global/BaseTimeEntity.java new file mode 100644 index 0000000..ce44248 --- /dev/null +++ b/src/main/java/dgu/choco_express/domain/global/BaseTimeEntity.java @@ -0,0 +1,24 @@ +package dgu.choco_express.domain.global; + +import jakarta.persistence.Column; +import jakarta.persistence.EntityListeners; +import jakarta.persistence.MappedSuperclass; +import lombok.Getter; +import org.springframework.data.annotation.CreatedDate; +import org.springframework.data.annotation.LastModifiedDate; +import org.springframework.data.jpa.domain.support.AuditingEntityListener; + +import java.time.LocalDateTime; + +@Getter +@MappedSuperclass +@EntityListeners(AuditingEntityListener.class) +public class BaseTimeEntity { + @Column(name = "created_date", nullable = false, updatable = false) + @CreatedDate + private LocalDateTime createdDate; + + @Column(name = "modified_date") + @LastModifiedDate + private LocalDateTime modifiedDate; +} \ No newline at end of file diff --git a/src/main/java/dgu/choco_express/domain/refreshToken/RefreshToken.java b/src/main/java/dgu/choco_express/domain/refreshToken/RefreshToken.java new file mode 100644 index 0000000..817b3ef --- /dev/null +++ b/src/main/java/dgu/choco_express/domain/refreshToken/RefreshToken.java @@ -0,0 +1,30 @@ +package dgu.choco_express.domain.refreshToken; + +import jakarta.persistence.Id; +import lombok.AccessLevel; +import lombok.Builder; +import lombok.Getter; +import lombok.NoArgsConstructor; +import org.springframework.data.redis.core.RedisHash; +import org.springframework.data.redis.core.index.Indexed; + +@Getter +@NoArgsConstructor(access = AccessLevel.PROTECTED) +@RedisHash(value = "token", timeToLive = 60 * 60 * 24 * 14) +public class RefreshToken { + @Id + private Long id; + + @Indexed + private String token; + + @Builder + public RefreshToken(Long id, String token) { + this.id = id; + this.token = token; + } + + public static RefreshToken issueRefreshToken(final Long userId, final String refreshToken) { + return new RefreshToken(userId, refreshToken); + } +} \ No newline at end of file diff --git a/src/main/java/dgu/choco_express/domain/user/EProvider.java b/src/main/java/dgu/choco_express/domain/user/EProvider.java new file mode 100644 index 0000000..c3b7b82 --- /dev/null +++ b/src/main/java/dgu/choco_express/domain/user/EProvider.java @@ -0,0 +1,14 @@ +package dgu.choco_express.domain.user; + +import lombok.Getter; +import lombok.RequiredArgsConstructor; + +@Getter +@RequiredArgsConstructor +public enum EProvider { + KAKAO("KAKAO"), + NAVER("NAVER"), + GOOGLE("GOOGLE"); + + private final String name; +} diff --git a/src/main/java/dgu/choco_express/domain/user/ERole.java b/src/main/java/dgu/choco_express/domain/user/ERole.java new file mode 100644 index 0000000..6e3713f --- /dev/null +++ b/src/main/java/dgu/choco_express/domain/user/ERole.java @@ -0,0 +1,15 @@ +package dgu.choco_express.domain.user; + +import lombok.Getter; +import lombok.RequiredArgsConstructor; + +@Getter +@RequiredArgsConstructor +public enum ERole { + GUEST("GUEST", "ROLE_GUEST"), + USER("USER", "ROLE_USER"), + ADMIN("ADMIN", "ROLE_ADMIN"); + + private final String role; + private final String securityRole; +} diff --git a/src/main/java/dgu/choco_express/domain/user/User.java b/src/main/java/dgu/choco_express/domain/user/User.java new file mode 100644 index 0000000..68f2158 --- /dev/null +++ b/src/main/java/dgu/choco_express/domain/user/User.java @@ -0,0 +1,63 @@ +package dgu.choco_express.domain.user; + + +import dgu.choco_express.domain.global.BaseTimeEntity; +import jakarta.persistence.*; +import lombok.AccessLevel; +import lombok.Builder; +import lombok.Getter; +import lombok.NoArgsConstructor; +import org.hibernate.annotations.DynamicUpdate; + +@Entity +@Getter +@DynamicUpdate +@Table(name = "users") +@NoArgsConstructor(access = AccessLevel.PROTECTED) +public class User extends BaseTimeEntity { + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + @Column(name = "id") + private Long id; + + @Column(name = "serial_id", nullable = false, unique = true, updatable = false) + private String serialId; + + @Column(name = "name", nullable = false, updatable = false) + private String name; + + @Column(name = "provider", nullable = false, updatable = false) + @Enumerated(EnumType.STRING) + private EProvider provider; + + @Column(name = "role", nullable = false) + @Enumerated(EnumType.STRING) + private ERole role; + + @Builder + private User( + final String serialId, + final String name, + final ERole role, + final EProvider provider + ) { + this.serialId = serialId; + this.name = name; + this.role = role; + this.provider = provider; + } + + public static User from( + final String serialId, + final String name, + final ERole role, + final EProvider provider + ) { + return User.builder() + .serialId(serialId) + .name(name) + .role(role) + .provider(provider) + .build(); + } +} diff --git a/src/main/java/dgu/choco_express/dto/common/ResponseDto.java b/src/main/java/dgu/choco_express/dto/common/ResponseDto.java new file mode 100644 index 0000000..7eefeb1 --- /dev/null +++ b/src/main/java/dgu/choco_express/dto/common/ResponseDto.java @@ -0,0 +1,31 @@ +package dgu.choco_express.dto.common; + +import com.fasterxml.jackson.annotation.JsonPropertyOrder; +import dgu.choco_express.exception.ErrorResponse; +import lombok.AllArgsConstructor; +import lombok.Getter; + +import static dgu.choco_express.exception.GlobalErrorCode.SUCCESS; + +@Getter +@AllArgsConstructor +@JsonPropertyOrder({"errorCode", "message", "result"}) +public class ResponseDto { + private final String errorCode; + private final String message; + private T result; + + public static ResponseDto success(final T data) { + return new ResponseDto<>(null, "SUCCESS", data); + } + + public static ResponseDto fail(ErrorResponse errorResponse) { + return new ResponseDto<>(errorResponse.getErrorCode(), errorResponse.getMessage(), null); + } + + public ResponseDto(T result) { + this.errorCode = SUCCESS.getErrorCode(); + this.message = SUCCESS.getMessage(); + this.result = result; + } +} \ No newline at end of file diff --git a/src/main/java/dgu/choco_express/dto/jwt/response/JwtDto.java b/src/main/java/dgu/choco_express/dto/jwt/response/JwtDto.java new file mode 100644 index 0000000..4eafb2a --- /dev/null +++ b/src/main/java/dgu/choco_express/dto/jwt/response/JwtDto.java @@ -0,0 +1,18 @@ +package dgu.choco_express.dto.jwt.response; + +import lombok.Builder; + +import java.io.Serializable; + +@Builder +public record JwtDto( + String accessToken, + String refreshToken +) implements Serializable { + public static JwtDto of(String accessToken, String refreshToken){ + return JwtDto.builder() + .accessToken(accessToken) + .refreshToken(refreshToken) + .build(); + } +} diff --git a/src/main/java/dgu/choco_express/exception/CommonException.java b/src/main/java/dgu/choco_express/exception/CommonException.java new file mode 100644 index 0000000..cc92b07 --- /dev/null +++ b/src/main/java/dgu/choco_express/exception/CommonException.java @@ -0,0 +1,17 @@ +package dgu.choco_express.exception; + +import lombok.Getter; + +@Getter +public class CommonException extends RuntimeException { + private final ErrorCode code; + + public CommonException(ErrorCode code) { + super(code.getMessage()); + this.code = code; + } + + public static CommonException type(ErrorCode code) { + return new CommonException(code); + } +} \ No newline at end of file diff --git a/src/main/java/dgu/choco_express/exception/ErrorCode.java b/src/main/java/dgu/choco_express/exception/ErrorCode.java new file mode 100644 index 0000000..8d907fe --- /dev/null +++ b/src/main/java/dgu/choco_express/exception/ErrorCode.java @@ -0,0 +1,9 @@ +package dgu.choco_express.exception; + +import org.springframework.http.HttpStatus; + +public interface ErrorCode { + HttpStatus getStatus(); + String getErrorCode(); + String getMessage(); +} diff --git a/src/main/java/dgu/choco_express/exception/ErrorResponse.java b/src/main/java/dgu/choco_express/exception/ErrorResponse.java new file mode 100644 index 0000000..8bd12d5 --- /dev/null +++ b/src/main/java/dgu/choco_express/exception/ErrorResponse.java @@ -0,0 +1,29 @@ +package dgu.choco_express.exception; + +import lombok.AccessLevel; +import lombok.AllArgsConstructor; +import lombok.Getter; +import lombok.NoArgsConstructor; + +@Getter +@NoArgsConstructor(access = AccessLevel.PRIVATE) +@AllArgsConstructor +public class ErrorResponse { + private int status; + private String errorCode; + private String message; + + private ErrorResponse(ErrorCode code) { + this.status = code.getStatus().value(); + this.errorCode = code.getErrorCode(); + this.message = code.getMessage(); + } + + public static ErrorResponse from(ErrorCode errorCode) { + return new ErrorResponse(errorCode); + } + + public static ErrorResponse of(ErrorCode errorCode, String message) { + return new ErrorResponse(errorCode.getStatus().value(), errorCode.getErrorCode(), message); + } +} diff --git a/src/main/java/dgu/choco_express/exception/GlobalErrorCode.java b/src/main/java/dgu/choco_express/exception/GlobalErrorCode.java new file mode 100644 index 0000000..f23193c --- /dev/null +++ b/src/main/java/dgu/choco_express/exception/GlobalErrorCode.java @@ -0,0 +1,64 @@ +package dgu.choco_express.exception; + +import lombok.Getter; +import org.springframework.http.HttpStatus; + +@Getter +public enum GlobalErrorCode implements ErrorCode { + /** + * 100 : 진행 정보 + */ + + /** + * 200 : 요청 성공 + */ + SUCCESS(HttpStatus.OK, "SUCCESS", "요청에 성공했습니다."), + CREATED(HttpStatus.CREATED, "CREATED", "요청에 성공했으며 리소스가 정상적으로 생성되었습니다."), + ACCEPTED(HttpStatus.ACCEPTED, "ACCEPTED", "요청에 성공했으나 처리가 완료되지 않았습니다."), + + /** + * 300 : 리다이렉션 + */ + SEE_OTHER(HttpStatus.SEE_OTHER, "REDIRECT", "다른 주소로 요청해주세요."), + + /** + * 400 : 요청 실패 + */ + VALIDATION_ERROR(HttpStatus.BAD_REQUEST, "REQUEST_001", "잘못된 요청입니다."), + EMPTY_JWT(HttpStatus.UNAUTHORIZED, "REQUEST_002", "JWT를 입력해주세요."), + INVALID_JWT(HttpStatus.UNAUTHORIZED, "REQUEST_003", "유효하지 않은 JWT입니다."), + INVALID_TOKEN(HttpStatus.UNAUTHORIZED, "REQUEST_004", "JWT 토큰이 일치하지 않습니다"), + UNAUTHORIZED(HttpStatus.UNAUTHORIZED, "REQUEST_005", "자격 증명이 이루어지지 않았습니다."), + INVALID_USER(HttpStatus.FORBIDDEN,"REQUEST_006","권한이 없는 유저의 접근입니다."), + NOT_FOUND(HttpStatus.NOT_FOUND, "REQUEST_007", "잘못된 접근입니다."), + REQUEST_TIMEOUT(HttpStatus.REQUEST_TIMEOUT, "REQUEST_008", "만료된 접근입니다."), + NOT_SUPPORTED_URI_ERROR(HttpStatus.NOT_FOUND, "REQUEST_009", "지원하지 않는 URL입니다."), + NOT_SUPPORTED_METHOD_ERROR(HttpStatus.METHOD_NOT_ALLOWED, "REQUEST_010", "지원하지 않는 HTTP Method 요청입니다."), + NOT_SUPPORTED_MEDIA_TYPE_ERROR(HttpStatus.UNSUPPORTED_MEDIA_TYPE, "REQUEST_011", "잘못된 미디어 타입입니다."), + INVALID_ENUM(HttpStatus.BAD_REQUEST, "REQUEST_012", "Enum 타입으로 변경할 수 없습니다."), + INVALID_HEADER_VALUE(HttpStatus.UNAUTHORIZED, "REQUEST_13", "올바르지 않은 헤더값입니다."), + EXPIRED_TOKEN_ERROR(HttpStatus.UNAUTHORIZED, "REQUEST_14", "만료된 토큰입니다."), + TOKEN_MALFORMED_ERROR(HttpStatus.UNAUTHORIZED, "REQUEST_15", "토큰이 올바르지 않습니다."), + TOKEN_TYPE_ERROR(HttpStatus.UNAUTHORIZED, "REQUEST_16", "토큰 타입이 일치하지 않거나 비어있습니다."), + TOKEN_UNSUPPORTED_ERROR(HttpStatus.UNAUTHORIZED, "REQUEST_17", "지원하지않는 토큰입니다."), + TOKEN_UNKNOWN_ERROR(HttpStatus.UNAUTHORIZED, "REQUEST_18", "알 수 없는 토큰입니다."), + + /** + * 500 : 응답 실패 + */ + INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR, "RESPONSE_001", "서버와의 연결에 실패했습니다."), + BAD_GATEWAY(HttpStatus.BAD_GATEWAY, "RESPONSE_002", "다른 서버로부터 잘못된 응답이 수신되었습니다."), + INSUFFICIENT_STORAGE(HttpStatus.INSUFFICIENT_STORAGE, "RESPONSE_003", "서버의 용량이 부족해 요청에 실패했습니다."), + UNSUPPORTED_ENCODING(HttpStatus.INTERNAL_SERVER_ERROR, "RESPONSE_004", "지원하지 않는 인코딩입니다.") + ; + + private final HttpStatus status; + private final String errorCode; + private final String message; + + GlobalErrorCode(HttpStatus status, String errorCode, String message) { + this.status = status; + this.errorCode = errorCode; + this.message = message; + } +} \ No newline at end of file diff --git a/src/main/java/dgu/choco_express/exception/UserErrorCode.java b/src/main/java/dgu/choco_express/exception/UserErrorCode.java new file mode 100644 index 0000000..72579a3 --- /dev/null +++ b/src/main/java/dgu/choco_express/exception/UserErrorCode.java @@ -0,0 +1,16 @@ +package dgu.choco_express.exception; + +import lombok.Getter; +import lombok.RequiredArgsConstructor; +import org.springframework.http.HttpStatus; + +@Getter +@RequiredArgsConstructor +public enum UserErrorCode implements ErrorCode { + NOT_FOUND_USER(HttpStatus.NOT_FOUND, "USER_001", "존재하지 않는 사용자입니다."), + ; + + private final HttpStatus status; + private final String errorCode; + private final String message; +} diff --git a/src/main/java/dgu/choco_express/interceptor/post/ResponseInterceptor.java b/src/main/java/dgu/choco_express/interceptor/post/ResponseInterceptor.java new file mode 100644 index 0000000..59f87d0 --- /dev/null +++ b/src/main/java/dgu/choco_express/interceptor/post/ResponseInterceptor.java @@ -0,0 +1,34 @@ +package dgu.choco_express.interceptor.post; + +import dgu.choco_express.dto.common.ResponseDto; +import dgu.choco_express.exception.ErrorResponse; +import org.springframework.core.MethodParameter; +import org.springframework.http.MediaType; +import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter; +import org.springframework.http.server.ServerHttpRequest; +import org.springframework.http.server.ServerHttpResponse; +import org.springframework.web.bind.annotation.RestControllerAdvice; +import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice; + +@RestControllerAdvice +public class ResponseInterceptor implements ResponseBodyAdvice { + @Override + public boolean supports(MethodParameter returnType, Class converterType) { + return !(returnType.getParameterType() == ResponseDto.class) + && MappingJackson2HttpMessageConverter.class.isAssignableFrom(converterType); + } + + @Override + public Object beforeBodyWrite( + Object body, + MethodParameter returnType, + MediaType selectedContentType, + Class selectedConverterType, + ServerHttpRequest request, + ServerHttpResponse response + ) { + if(body instanceof ErrorResponse) + return ResponseDto.fail((ErrorResponse)body); + return ResponseDto.success(body); + } +} \ No newline at end of file diff --git a/src/main/java/dgu/choco_express/interceptor/pre/UserIdArgumentResolver.java b/src/main/java/dgu/choco_express/interceptor/pre/UserIdArgumentResolver.java new file mode 100644 index 0000000..86e9f26 --- /dev/null +++ b/src/main/java/dgu/choco_express/interceptor/pre/UserIdArgumentResolver.java @@ -0,0 +1,35 @@ +package dgu.choco_express.interceptor.pre; + +import dgu.choco_express.annotation.UserId; +import dgu.choco_express.exception.CommonException; +import dgu.choco_express.exception.GlobalErrorCode; +import org.springframework.core.MethodParameter; +import org.springframework.stereotype.Component; +import org.springframework.web.bind.support.WebDataBinderFactory; +import org.springframework.web.context.request.NativeWebRequest; +import org.springframework.web.context.request.WebRequest; +import org.springframework.web.method.support.HandlerMethodArgumentResolver; +import org.springframework.web.method.support.ModelAndViewContainer; + +@Component +public class UserIdArgumentResolver implements HandlerMethodArgumentResolver { + @Override + public boolean supportsParameter(MethodParameter parameter) { + return parameter.getParameterType().equals(Long.class) + && parameter.hasParameterAnnotation(UserId.class); + } + + @Override + public Object resolveArgument( + MethodParameter parameter, + ModelAndViewContainer mavContainer, + NativeWebRequest webRequest, + WebDataBinderFactory binderFactory + ) throws Exception { + final Object userId = webRequest.getAttribute("USER_ID", WebRequest.SCOPE_REQUEST); + if (userId == null){ + throw CommonException.type(GlobalErrorCode.INVALID_HEADER_VALUE); + } + return Long.valueOf(userId.toString()); + } +} diff --git a/src/main/java/dgu/choco_express/interceptor/pre/UserIdInterceptor.java b/src/main/java/dgu/choco_express/interceptor/pre/UserIdInterceptor.java new file mode 100644 index 0000000..80d1a0b --- /dev/null +++ b/src/main/java/dgu/choco_express/interceptor/pre/UserIdInterceptor.java @@ -0,0 +1,21 @@ +package dgu.choco_express.interceptor.pre; + +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.web.servlet.HandlerInterceptor; + +public class UserIdInterceptor implements HandlerInterceptor { + @Override + public boolean preHandle( + HttpServletRequest request, + HttpServletResponse response, + Object handler + ) throws Exception { + final Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); + request.setAttribute("USER_ID", authentication.getName()); + + return HandlerInterceptor.super.preHandle(request, response, handler); + } +} diff --git a/src/main/java/dgu/choco_express/repository/RefreshTokenRepository.java b/src/main/java/dgu/choco_express/repository/RefreshTokenRepository.java new file mode 100644 index 0000000..aa76d2d --- /dev/null +++ b/src/main/java/dgu/choco_express/repository/RefreshTokenRepository.java @@ -0,0 +1,7 @@ +package dgu.choco_express.repository; + +import dgu.choco_express.domain.refreshToken.RefreshToken; +import org.springframework.data.repository.CrudRepository; + +public interface RefreshTokenRepository extends CrudRepository { +} diff --git a/src/main/java/dgu/choco_express/repository/UserRepository.java b/src/main/java/dgu/choco_express/repository/UserRepository.java new file mode 100644 index 0000000..30a1e2d --- /dev/null +++ b/src/main/java/dgu/choco_express/repository/UserRepository.java @@ -0,0 +1,21 @@ +package dgu.choco_express.repository; + +import dgu.choco_express.domain.user.User; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.data.jpa.repository.Query; +import org.springframework.data.repository.query.Param; + +import java.util.Optional; + +public interface UserRepository extends JpaRepository { + // @Query + @Query("select u.id as id, u.role as role from User u where u.serialId = :serialId") + Optional findUserSecurityFromBySerialId(@Param("serialId") String serialId); + + @Query("select u.id as id, u.role as role from User u where u.id = :id") + Optional findUserSecurityFromById(@Param("id") Long id); + + // query method + Optional findBySerialId(String serialId); + Optional findById(Long id); +} \ No newline at end of file diff --git a/src/main/java/dgu/choco_express/repository/UserSecurityForm.java b/src/main/java/dgu/choco_express/repository/UserSecurityForm.java new file mode 100644 index 0000000..1e23b37 --- /dev/null +++ b/src/main/java/dgu/choco_express/repository/UserSecurityForm.java @@ -0,0 +1,23 @@ +package dgu.choco_express.repository; + +import dgu.choco_express.domain.user.ERole; +import dgu.choco_express.domain.user.User; + +public interface UserSecurityForm { + Long getId(); + ERole getRole(); + + static UserSecurityForm invoke(User user){ + return new UserSecurityForm() { + @Override + public Long getId() { + return user.getId(); + } + + @Override + public ERole getRole() { + return user.getRole(); + } + }; + } +} \ No newline at end of file diff --git a/src/main/java/dgu/choco_express/security/config/SecurityConfig.java b/src/main/java/dgu/choco_express/security/config/SecurityConfig.java new file mode 100644 index 0000000..3568bf9 --- /dev/null +++ b/src/main/java/dgu/choco_express/security/config/SecurityConfig.java @@ -0,0 +1,76 @@ +package dgu.choco_express.security.config; + +import dgu.choco_express.constant.Constants; +import dgu.choco_express.security.filter.JwtAuthenticationFilter; +import dgu.choco_express.security.filter.JwtExceptionFilter; +import dgu.choco_express.security.handler.exception.CustomAccessDeniedHandler; +import dgu.choco_express.security.handler.exception.CustomAuthenticationEntryPointHandler; +import dgu.choco_express.security.handler.login.Oauth2FailureHandler; +import dgu.choco_express.security.handler.login.Oauth2SuccessHandler; +import dgu.choco_express.security.handler.logout.CustomLogoutProcessHandler; +import dgu.choco_express.security.handler.logout.CustomLogoutResultHandler; +import dgu.choco_express.security.provider.JwtAuthenticationManager; +import dgu.choco_express.security.service.CustomOauth2UserDetailService; +import dgu.choco_express.util.JwtUtil; +import lombok.RequiredArgsConstructor; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; +import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.web.SecurityFilterChain; +import org.springframework.security.web.authentication.logout.LogoutFilter; + +@Configuration +@EnableWebSecurity +@RequiredArgsConstructor +public class SecurityConfig { + private final Oauth2SuccessHandler oauth2SuccessHandler; + private final Oauth2FailureHandler oauth2FailureHandler; + private final CustomOauth2UserDetailService customOauth2UserDetailService; + private final CustomLogoutProcessHandler customLogoutProcessHandler; + private final CustomLogoutResultHandler customLogoutResultHandler; + private final CustomAccessDeniedHandler customAccessDeniedHandler; + private final CustomAuthenticationEntryPointHandler customAuthenticationEntryPointHandler; + private final JwtUtil jwtUtil; + private final JwtAuthenticationManager jwtAuthenticationManager; + + @Bean + public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { + return http + .csrf(AbstractHttpConfigurer::disable) + .httpBasic(AbstractHttpConfigurer::disable) + .sessionManagement(session -> + session.sessionCreationPolicy(SessionCreationPolicy.STATELESS) + ) + .authorizeHttpRequests(request -> + request + .requestMatchers(Constants.NO_NEED_AUTH.toArray(String[]::new)).permitAll() + .requestMatchers("/api/**").hasAnyRole("USER") + .anyRequest().authenticated() + ) + .formLogin(AbstractHttpConfigurer::disable) + .oauth2Login(oauth2 -> oauth2 + .successHandler(oauth2SuccessHandler) + .failureHandler(oauth2FailureHandler) + .userInfoEndpoint(it -> it.userService(customOauth2UserDetailService)) + ) + .logout(logout -> logout + .logoutUrl("/api/auth/logout") + .addLogoutHandler(customLogoutProcessHandler) + .logoutSuccessHandler(customLogoutResultHandler) + ) + .exceptionHandling(exception -> exception + .accessDeniedHandler(customAccessDeniedHandler) + .authenticationEntryPoint(customAuthenticationEntryPointHandler) + ) + .addFilterBefore( + new JwtAuthenticationFilter(jwtUtil, jwtAuthenticationManager), LogoutFilter.class + ) + .addFilterBefore( + new JwtExceptionFilter(), JwtAuthenticationFilter.class + ) + .getOrBuild(); + } +} \ No newline at end of file diff --git a/src/main/java/dgu/choco_express/security/filter/JwtAuthenticationFilter.java b/src/main/java/dgu/choco_express/security/filter/JwtAuthenticationFilter.java new file mode 100644 index 0000000..9074466 --- /dev/null +++ b/src/main/java/dgu/choco_express/security/filter/JwtAuthenticationFilter.java @@ -0,0 +1,75 @@ +package dgu.choco_express.security.filter; + +import dgu.choco_express.constant.Constants; +import dgu.choco_express.domain.user.ERole; +import dgu.choco_express.exception.CommonException; +import dgu.choco_express.exception.GlobalErrorCode; +import dgu.choco_express.security.info.JwtUserInfo; +import dgu.choco_express.security.provider.JwtAuthenticationManager; +import dgu.choco_express.util.HeaderUtil; +import dgu.choco_express.util.JwtUtil; +import io.jsonwebtoken.Claims; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.context.SecurityContext; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; +import org.springframework.stereotype.Component; +import org.springframework.web.filter.OncePerRequestFilter; + +import java.io.IOException; + +@Slf4j +@Component +@RequiredArgsConstructor +public class JwtAuthenticationFilter extends OncePerRequestFilter { + private final JwtUtil jwtUtil; + private final JwtAuthenticationManager jwtAuthenticationManager; + + @Override + protected boolean shouldNotFilter(HttpServletRequest request) throws ServletException{ + return Constants.NO_NEED_AUTH.contains(request.getRequestURI()); + } + + @Override + protected void doFilterInternal( + HttpServletRequest request, + HttpServletResponse response, + FilterChain filterChain + ) throws ServletException, IOException { + String token = HeaderUtil.refineHeader(request, Constants.PREFIX_AUTH, Constants.PREFIX_BEARER) + .orElseThrow(() -> CommonException.type(GlobalErrorCode.INVALID_HEADER_VALUE)); + + Claims claims = jwtUtil.validateToken(token); + log.info("claim: getUserId() = {}", claims.get(Constants.CLAIM_USER_ID, Long.class)); + + // 클레임에서 사용자 정보 추출 + JwtUserInfo jwtUserInfo = new JwtUserInfo( + claims.get(Constants.CLAIM_USER_ID, Long.class), + ERole.valueOf(claims.get(Constants.CLAIM_USER_ROLE, String.class)) + ); + + // 인증 받지 않은 인증용 객체 생성 + UsernamePasswordAuthenticationToken unAuthenticatedToken = + new UsernamePasswordAuthenticationToken(jwtUserInfo, null, null); + + // 인증 받은 후의 인증 객체 생성 + UsernamePasswordAuthenticationToken authenticatedToken = + (UsernamePasswordAuthenticationToken) jwtAuthenticationManager.authenticate(unAuthenticatedToken); + log.info("인증 성공"); + + // 사용자의 IP 등 세부 정보 인증 정보에 추가 + authenticatedToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); + + SecurityContext securityContext = SecurityContextHolder.createEmptyContext(); + securityContext.setAuthentication(authenticatedToken); + SecurityContextHolder.setContext(securityContext); + + filterChain.doFilter(request, response); + } +} \ No newline at end of file diff --git a/src/main/java/dgu/choco_express/security/filter/JwtExceptionFilter.java b/src/main/java/dgu/choco_express/security/filter/JwtExceptionFilter.java new file mode 100644 index 0000000..33332d7 --- /dev/null +++ b/src/main/java/dgu/choco_express/security/filter/JwtExceptionFilter.java @@ -0,0 +1,68 @@ +package dgu.choco_express.security.filter; + +import dgu.choco_express.constant.Constants; +import dgu.choco_express.exception.CommonException; +import dgu.choco_express.exception.GlobalErrorCode; +import io.jsonwebtoken.ExpiredJwtException; +import io.jsonwebtoken.JwtException; +import io.jsonwebtoken.MalformedJwtException; +import io.jsonwebtoken.UnsupportedJwtException; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import lombok.extern.slf4j.Slf4j; +import org.springframework.web.filter.OncePerRequestFilter; + +import java.io.IOException; + +@Slf4j +public class JwtExceptionFilter extends OncePerRequestFilter { + @Override + protected boolean shouldNotFilter(HttpServletRequest request) { + return Constants.NO_NEED_AUTH.contains(request.getRequestURI()); + } + + @Override + protected void doFilterInternal( + HttpServletRequest request, + HttpServletResponse response, + FilterChain filterChain + ) throws ServletException, IOException { + try { + filterChain.doFilter(request, response); + } catch (SecurityException e) { + log.error("FilterException throw SecurityException Exception : {}", e.getMessage()); + request.setAttribute("exception", GlobalErrorCode.INVALID_USER); + filterChain.doFilter(request, response); + } catch (MalformedJwtException e) { + log.error("FilterException throw MalformedJwtException Exception : {}", e.getMessage()); + request.setAttribute("exception", GlobalErrorCode.TOKEN_MALFORMED_ERROR); + filterChain.doFilter(request, response); + } catch (IllegalArgumentException e) { + log.error("FilterException throw IllegalArgumentException Exception : {}", e.getMessage()); + request.setAttribute("exception", GlobalErrorCode.TOKEN_TYPE_ERROR); + filterChain.doFilter(request, response); + } catch (ExpiredJwtException e) { + log.error("FilterException throw ExpiredJwtException Exception : {}", e.getMessage()); + request.setAttribute("exception", GlobalErrorCode.EXPIRED_TOKEN_ERROR); + filterChain.doFilter(request, response); + } catch (UnsupportedJwtException e) { + log.error("FilterException throw UnsupportedJwtException Exception : {}", e.getMessage()); + request.setAttribute("exception", GlobalErrorCode.TOKEN_UNSUPPORTED_ERROR); + filterChain.doFilter(request, response); + } catch (JwtException e) { + log.error("FilterException throw JwtException Exception : {}", e.getMessage()); + request.setAttribute("exception", GlobalErrorCode.TOKEN_UNKNOWN_ERROR); + filterChain.doFilter(request, response); + } catch (CommonException e) { + log.error("FilterException throw BaseException Exception : {}", e.getMessage()); + request.setAttribute("exception", e.getCode()); + filterChain.doFilter(request, response); + } catch (Exception e) { + log.error("FilterException throw Exception Exception : {}", e.getMessage()); + request.setAttribute("exception", GlobalErrorCode.INTERNAL_SERVER_ERROR); + filterChain.doFilter(request, response); + } + } +} \ No newline at end of file diff --git a/src/main/java/dgu/choco_express/security/handler/exception/CustomAccessDeniedHandler.java b/src/main/java/dgu/choco_express/security/handler/exception/CustomAccessDeniedHandler.java new file mode 100644 index 0000000..9cd2eee --- /dev/null +++ b/src/main/java/dgu/choco_express/security/handler/exception/CustomAccessDeniedHandler.java @@ -0,0 +1,25 @@ +package dgu.choco_express.security.handler.exception; + +import dgu.choco_express.exception.GlobalErrorCode; +import dgu.choco_express.security.info.AuthenticationResponse; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import lombok.extern.slf4j.Slf4j; +import org.springframework.security.access.AccessDeniedException; +import org.springframework.security.web.access.AccessDeniedHandler; +import org.springframework.stereotype.Component; + +import java.io.IOException; + +@Slf4j +@Component +public class CustomAccessDeniedHandler implements AccessDeniedHandler { + @Override + public void handle(HttpServletRequest request, + HttpServletResponse response, + AccessDeniedException accessDeniedException + ) throws IOException, ServletException { + AuthenticationResponse.makeFailureResponse(response, GlobalErrorCode.INVALID_USER); + } +} diff --git a/src/main/java/dgu/choco_express/security/handler/exception/CustomAuthenticationEntryPointHandler.java b/src/main/java/dgu/choco_express/security/handler/exception/CustomAuthenticationEntryPointHandler.java new file mode 100644 index 0000000..2dfbc58 --- /dev/null +++ b/src/main/java/dgu/choco_express/security/handler/exception/CustomAuthenticationEntryPointHandler.java @@ -0,0 +1,29 @@ +package dgu.choco_express.security.handler.exception; + +import dgu.choco_express.exception.ErrorCode; +import dgu.choco_express.exception.GlobalErrorCode; +import dgu.choco_express.security.info.AuthenticationResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import lombok.extern.slf4j.Slf4j; +import org.springframework.security.core.AuthenticationException; +import org.springframework.security.web.AuthenticationEntryPoint; +import org.springframework.stereotype.Component; + +import java.io.IOException; + +@Slf4j +@Component +public class CustomAuthenticationEntryPointHandler implements AuthenticationEntryPoint { + @Override + public void commence(HttpServletRequest request, + HttpServletResponse response, + AuthenticationException authenticationException) throws IOException { + ErrorCode errorCode = (ErrorCode) request.getAttribute("exception"); + if (errorCode == null) { + AuthenticationResponse.makeFailureResponse(response, GlobalErrorCode.VALIDATION_ERROR); + return; + } + AuthenticationResponse.makeFailureResponse(response, errorCode); + } +} diff --git a/src/main/java/dgu/choco_express/security/handler/login/Oauth2FailureHandler.java b/src/main/java/dgu/choco_express/security/handler/login/Oauth2FailureHandler.java new file mode 100644 index 0000000..dc68671 --- /dev/null +++ b/src/main/java/dgu/choco_express/security/handler/login/Oauth2FailureHandler.java @@ -0,0 +1,25 @@ +package dgu.choco_express.security.handler.login; + +import dgu.choco_express.exception.GlobalErrorCode; +import dgu.choco_express.security.info.AuthenticationResponse; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import org.springframework.security.core.AuthenticationException; +import org.springframework.security.web.authentication.AuthenticationFailureHandler; +import org.springframework.stereotype.Component; + +import java.io.IOException; + +@Component +public class Oauth2FailureHandler implements AuthenticationFailureHandler { + + @Override + public void onAuthenticationFailure( + HttpServletRequest request, + HttpServletResponse response, + AuthenticationException exception + ) throws IOException, ServletException { + AuthenticationResponse.makeFailureResponse(response, GlobalErrorCode.INTERNAL_SERVER_ERROR); + } +} diff --git a/src/main/java/dgu/choco_express/security/handler/login/Oauth2SuccessHandler.java b/src/main/java/dgu/choco_express/security/handler/login/Oauth2SuccessHandler.java new file mode 100644 index 0000000..8131b41 --- /dev/null +++ b/src/main/java/dgu/choco_express/security/handler/login/Oauth2SuccessHandler.java @@ -0,0 +1,47 @@ +package dgu.choco_express.security.handler.login; + +import dgu.choco_express.dto.jwt.response.JwtDto; +import dgu.choco_express.repository.UserRepository; +import dgu.choco_express.security.info.AuthenticationResponse; +import dgu.choco_express.security.info.UserPrincipal; +import dgu.choco_express.service.JwtService; +import dgu.choco_express.util.JwtUtil; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import lombok.RequiredArgsConstructor; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.security.core.Authentication; +import org.springframework.security.web.authentication.AuthenticationSuccessHandler; +import org.springframework.stereotype.Component; +import org.springframework.transaction.annotation.Transactional; + +import java.io.IOException; + +@Component +@RequiredArgsConstructor +public class Oauth2SuccessHandler implements AuthenticationSuccessHandler { + + @Value("${server.domain}") + private String domain; + private final JwtUtil jwtUtil; + private final UserRepository userRepository; + private final JwtService jwtService; + + @Override + @Transactional + public void onAuthenticationSuccess( + HttpServletRequest request, + HttpServletResponse response, + Authentication authentication + ) throws IOException, ServletException { + UserPrincipal principal = (UserPrincipal) authentication.getPrincipal(); + JwtDto jwtDto = jwtUtil.generateTokens(principal.getUserId(), principal.getRole()); + + jwtService.updateRefreshToken(principal.getUserId(), jwtDto.refreshToken()); + + AuthenticationResponse.makeLoginSuccessResponse(response, domain, jwtDto, jwtUtil.getRefreshExpiration()); + + response.sendRedirect("http://" + domain); + } +} diff --git a/src/main/java/dgu/choco_express/security/handler/logout/CustomLogoutProcessHandler.java b/src/main/java/dgu/choco_express/security/handler/logout/CustomLogoutProcessHandler.java new file mode 100644 index 0000000..e390e5a --- /dev/null +++ b/src/main/java/dgu/choco_express/security/handler/logout/CustomLogoutProcessHandler.java @@ -0,0 +1,39 @@ +package dgu.choco_express.security.handler.logout; + +import dgu.choco_express.constant.Constants; +import dgu.choco_express.exception.CommonException; +import dgu.choco_express.exception.GlobalErrorCode; +import dgu.choco_express.service.JwtService; +import dgu.choco_express.util.HeaderUtil; +import dgu.choco_express.util.JwtUtil; +import io.jsonwebtoken.Claims; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.springframework.security.core.Authentication; +import org.springframework.security.web.authentication.logout.LogoutHandler; +import org.springframework.stereotype.Component; +import org.springframework.transaction.annotation.Transactional; + +@Slf4j +@Component +@RequiredArgsConstructor +public class CustomLogoutProcessHandler implements LogoutHandler { + private final JwtService jwtTokenService; + private final JwtUtil jwtUtil; + + @Override + @Transactional + public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) { + if (authentication == null) { + throw CommonException.type(GlobalErrorCode.UNAUTHORIZED); + } + + String accessToken = HeaderUtil.refineHeader(request, Constants.PREFIX_AUTH, Constants.PREFIX_BEARER) + .orElseThrow(() -> CommonException.type(GlobalErrorCode.INVALID_HEADER_VALUE)); + + Claims claims = jwtUtil.validateToken(accessToken); + jwtTokenService.deleteRefreshToken(claims.get(Constants.CLAIM_USER_ID, Long.class)); + } +} diff --git a/src/main/java/dgu/choco_express/security/handler/logout/CustomLogoutResultHandler.java b/src/main/java/dgu/choco_express/security/handler/logout/CustomLogoutResultHandler.java new file mode 100644 index 0000000..b748dd2 --- /dev/null +++ b/src/main/java/dgu/choco_express/security/handler/logout/CustomLogoutResultHandler.java @@ -0,0 +1,25 @@ +package dgu.choco_express.security.handler.logout; + +import dgu.choco_express.exception.UserErrorCode; +import dgu.choco_express.security.info.AuthenticationResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import lombok.extern.slf4j.Slf4j; +import org.springframework.security.core.Authentication; +import org.springframework.security.web.authentication.logout.LogoutSuccessHandler; +import org.springframework.stereotype.Component; + +import java.io.IOException; + +@Slf4j +@Component +public class CustomLogoutResultHandler implements LogoutSuccessHandler { + @Override + public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException { + if (authentication == null) { + log.info("인증 정보가 존재하지 않습니다. authentication is null."); + AuthenticationResponse.makeFailureResponse(response, UserErrorCode.NOT_FOUND_USER); + } + AuthenticationResponse.makeSuccessResponse(response); + } +} \ No newline at end of file diff --git a/src/main/java/dgu/choco_express/security/info/AuthenticationResponse.java b/src/main/java/dgu/choco_express/security/info/AuthenticationResponse.java new file mode 100644 index 0000000..51bb707 --- /dev/null +++ b/src/main/java/dgu/choco_express/security/info/AuthenticationResponse.java @@ -0,0 +1,67 @@ +package dgu.choco_express.security.info; + +import dgu.choco_express.constant.Constants; +import dgu.choco_express.dto.jwt.response.JwtDto; +import dgu.choco_express.exception.ErrorCode; +import dgu.choco_express.exception.GlobalErrorCode; +import dgu.choco_express.util.CookieUtil; +import jakarta.servlet.http.HttpServletResponse; +import net.minidev.json.JSONValue; + +import java.io.IOException; +import java.util.HashMap; +import java.util.Map; + +public class AuthenticationResponse { + + public static void makeLoginSuccessResponse( + HttpServletResponse response, + String domain, + JwtDto jwtDto, + Integer refreshExpiration + ) throws IOException { + CookieUtil.addCookie( + response, + domain, + Constants.ACCESS_COOKIE_NAME, + jwtDto.accessToken() + ); + CookieUtil.addSecureCookie( + response, + domain, + Constants.REFRESH_COOKIE_NAME, + jwtDto.refreshToken(), + refreshExpiration + ); + + makeSuccessResponse(response); + } + + public static void makeSuccessResponse(HttpServletResponse response) throws IOException { + + ErrorCode successCode = GlobalErrorCode.SUCCESS; + response.setContentType("application/json"); + response.setCharacterEncoding("UTF-8"); + response.setStatus(successCode.getStatus().value()); + + Map body = new HashMap<>(); + body.put("errorCode", successCode.getErrorCode()); + body.put("message", successCode.getMessage()); + body.put("result", null); + + response.getWriter().write(JSONValue.toJSONString(body)); + } + + public static void makeFailureResponse(HttpServletResponse response, ErrorCode errorCode) throws IOException { + response.setContentType("application/json"); + response.setCharacterEncoding("UTF-8"); + response.setStatus(errorCode.getStatus().value()); + + Map body= new HashMap<>(); + body.put("errorCode", errorCode.getErrorCode()); + body.put("message", errorCode.getMessage()); + body.put("result", null); + + response.getWriter().write(JSONValue.toJSONString(body)); + } +} \ No newline at end of file diff --git a/src/main/java/dgu/choco_express/security/info/JwtUserInfo.java b/src/main/java/dgu/choco_express/security/info/JwtUserInfo.java new file mode 100644 index 0000000..367e442 --- /dev/null +++ b/src/main/java/dgu/choco_express/security/info/JwtUserInfo.java @@ -0,0 +1,7 @@ +package dgu.choco_express.security.info; + + +import dgu.choco_express.domain.user.ERole; + +public record JwtUserInfo(Long userId, ERole role) { +} diff --git a/src/main/java/dgu/choco_express/security/info/KakaoOauth2UserInfo.java b/src/main/java/dgu/choco_express/security/info/KakaoOauth2UserInfo.java new file mode 100644 index 0000000..33561d6 --- /dev/null +++ b/src/main/java/dgu/choco_express/security/info/KakaoOauth2UserInfo.java @@ -0,0 +1,22 @@ +package dgu.choco_express.security.info; + +import dgu.choco_express.security.info.factory.Oauth2UserInfo; + +import java.util.Map; + +public class KakaoOauth2UserInfo extends Oauth2UserInfo { + public KakaoOauth2UserInfo(Map attributes) { + super(attributes); + } + + @Override + public String getId() { + return attributes.get("id").toString(); + } + + @Override + public String getNickname() { + Map properties = (Map) attributes.get("properties"); + return properties.get("nickname").toString(); + } +} diff --git a/src/main/java/dgu/choco_express/security/info/UserPrincipal.java b/src/main/java/dgu/choco_express/security/info/UserPrincipal.java new file mode 100644 index 0000000..5ea9987 --- /dev/null +++ b/src/main/java/dgu/choco_express/security/info/UserPrincipal.java @@ -0,0 +1,93 @@ +package dgu.choco_express.security.info; + +import dgu.choco_express.domain.user.ERole; +import dgu.choco_express.repository.UserSecurityForm; +import lombok.Builder; +import lombok.Getter; +import lombok.RequiredArgsConstructor; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.SimpleGrantedAuthority; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.oauth2.core.user.OAuth2User; + +import java.util.Collection; +import java.util.Collections; +import java.util.Map; + +@Getter +@Builder +@RequiredArgsConstructor +public class UserPrincipal implements UserDetails, OAuth2User { + private final Long userId; + private final String password; + private final ERole role; + private final Map attributes; + private final Collection authorities; + + public static UserPrincipal create(UserSecurityForm securityForm) { + return UserPrincipal.builder() + .userId(securityForm.getId()) + .role(securityForm.getRole()) + .authorities(Collections.singleton(new SimpleGrantedAuthority(securityForm.getRole().getSecurityRole()))) + .build(); + } + + public static UserPrincipal create( + UserSecurityForm securityForm, + Map attributes + ) { + return UserPrincipal.builder() + .userId(securityForm.getId()) + .role(securityForm.getRole()) + .attributes(attributes) + .authorities(Collections.singleton( + new SimpleGrantedAuthority(securityForm.getRole().getSecurityRole())) + ) + .build(); + } + + @Override + public Map getAttributes() { + return attributes; + } + + @Override + public Collection getAuthorities() { + return this.authorities; + } + + @Override + public String getPassword() { + return null; + } + + @Override + public String getUsername() { + return this.userId.toString(); + } + + @Override + public boolean isAccountNonExpired() { + return true; + } + + @Override + public boolean isAccountNonLocked() { + return true; + } + + @Override + public boolean isCredentialsNonExpired() { + return true; + } + + @Override + public boolean isEnabled() { + return true; + } + + @Override + public String getName() { + return userId.toString(); + } +} \ No newline at end of file diff --git a/src/main/java/dgu/choco_express/security/info/factory/Oauth2UserInfo.java b/src/main/java/dgu/choco_express/security/info/factory/Oauth2UserInfo.java new file mode 100644 index 0000000..df889a8 --- /dev/null +++ b/src/main/java/dgu/choco_express/security/info/factory/Oauth2UserInfo.java @@ -0,0 +1,14 @@ +package dgu.choco_express.security.info.factory; + +import lombok.Getter; +import lombok.RequiredArgsConstructor; + +import java.util.Map; + +@Getter +@RequiredArgsConstructor +public abstract class Oauth2UserInfo { + protected final Map attributes; + public abstract String getId(); + public abstract String getNickname(); +} diff --git a/src/main/java/dgu/choco_express/security/info/factory/Oauth2UserInfoFactory.java b/src/main/java/dgu/choco_express/security/info/factory/Oauth2UserInfoFactory.java new file mode 100644 index 0000000..f3ddf8a --- /dev/null +++ b/src/main/java/dgu/choco_express/security/info/factory/Oauth2UserInfoFactory.java @@ -0,0 +1,22 @@ +package dgu.choco_express.security.info.factory; + +import dgu.choco_express.domain.user.EProvider; +import dgu.choco_express.security.info.KakaoOauth2UserInfo; + +import java.util.Map; + +public class Oauth2UserInfoFactory { + + public static Oauth2UserInfo getOauth2UserInfo( + EProvider provider, + Map attributes + ) { + Oauth2UserInfo ret; + switch (provider) { + case KAKAO -> ret = new KakaoOauth2UserInfo(attributes); + default -> throw new IllegalAccessError("잘못된 제공자입니다."); + } + + return ret; + } +} \ No newline at end of file diff --git a/src/main/java/dgu/choco_express/security/provider/JwtAuthenticationManager.java b/src/main/java/dgu/choco_express/security/provider/JwtAuthenticationManager.java new file mode 100644 index 0000000..de69f51 --- /dev/null +++ b/src/main/java/dgu/choco_express/security/provider/JwtAuthenticationManager.java @@ -0,0 +1,21 @@ +package dgu.choco_express.security.provider; + +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.AuthenticationException; +import org.springframework.stereotype.Component; + +@Slf4j +@Component +@RequiredArgsConstructor +public class JwtAuthenticationManager implements AuthenticationManager { + private final JwtAuthenticationProvider jwtAuthenticationProvider; + + @Override + public Authentication authenticate(Authentication authentication) throws AuthenticationException { + log.info("AuthenticationManager 진입"); + return jwtAuthenticationProvider.authenticate(authentication); + } +} diff --git a/src/main/java/dgu/choco_express/security/provider/JwtAuthenticationProvider.java b/src/main/java/dgu/choco_express/security/provider/JwtAuthenticationProvider.java new file mode 100644 index 0000000..7a9f16c --- /dev/null +++ b/src/main/java/dgu/choco_express/security/provider/JwtAuthenticationProvider.java @@ -0,0 +1,55 @@ +package dgu.choco_express.security.provider; + +import dgu.choco_express.exception.CommonException; +import dgu.choco_express.exception.GlobalErrorCode; +import dgu.choco_express.security.info.JwtUserInfo; +import dgu.choco_express.security.info.UserPrincipal; +import dgu.choco_express.security.service.CustomUserDetailService; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.springframework.security.authentication.AuthenticationProvider; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.AuthenticationException; +import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.stereotype.Component; + +@Slf4j +@Component +@RequiredArgsConstructor +public class JwtAuthenticationProvider implements AuthenticationProvider { + private final CustomUserDetailService customUserDetailService; + + @Override + public Authentication authenticate(Authentication authentication) throws AuthenticationException { + log.info("AuthenticationProvider 진입 성공"); + if (authentication.getPrincipal().getClass().equals(String.class)) { + log.info("로그인 로직 인증 과정"); + return authOfLogin(authentication); + } else { + log.info("로그인 한 사용자 검증 과정"); + return authOfAfterLogin((JwtUserInfo) authentication.getPrincipal()); + } + } + + private Authentication authOfLogin(Authentication authentication) { + // DB에 저장된 실제 데이터 + UserPrincipal userPrincipal = customUserDetailService + .loadUserByUsername(authentication.getPrincipal().toString()); + + // 비밀번호 검증 로직 +// if (!bCryptPasswordEncoder.matches(authentication.getCredentials().toString(), userPrincipal.getPassword())) +// throw new UsernameNotFoundException("비밀번호가 일치하지 않습니다 ! "); + return new UsernamePasswordAuthenticationToken(userPrincipal, null, userPrincipal.getAuthorities()); + } + + private Authentication authOfAfterLogin(JwtUserInfo userInfo) { + UserPrincipal userPrincipal = customUserDetailService.loadUserById(userInfo.userId()); + return new UsernamePasswordAuthenticationToken(userPrincipal, null, userPrincipal.getAuthorities()); + } + + @Override + public boolean supports(Class authentication) { + return authentication.equals(UsernamePasswordAuthenticationToken.class); + } +} \ No newline at end of file diff --git a/src/main/java/dgu/choco_express/security/service/CustomOauth2UserDetailService.java b/src/main/java/dgu/choco_express/security/service/CustomOauth2UserDetailService.java new file mode 100644 index 0000000..ee8e890 --- /dev/null +++ b/src/main/java/dgu/choco_express/security/service/CustomOauth2UserDetailService.java @@ -0,0 +1,59 @@ +package dgu.choco_express.security.service; + +import dgu.choco_express.domain.user.EProvider; +import dgu.choco_express.domain.user.ERole; +import dgu.choco_express.domain.user.User; +import dgu.choco_express.repository.UserRepository; +import dgu.choco_express.repository.UserSecurityForm; +import dgu.choco_express.security.info.UserPrincipal; +import dgu.choco_express.security.info.factory.Oauth2UserInfo; +import dgu.choco_express.security.info.factory.Oauth2UserInfoFactory; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService; +import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest; +import org.springframework.security.oauth2.core.OAuth2AuthenticationException; +import org.springframework.security.oauth2.core.user.OAuth2User; +import org.springframework.stereotype.Service; + +@Slf4j +@Service +@RequiredArgsConstructor +public class CustomOauth2UserDetailService extends DefaultOAuth2UserService { + + private final UserRepository userRepository; + + @Override + public OAuth2User loadUser( + OAuth2UserRequest userRequest + ) throws OAuth2AuthenticationException { + // provider 가져오기 + EProvider provider = EProvider.valueOf( + userRequest.getClientRegistration().getRegistrationId().toUpperCase() + ); + log.info("oauth 제공자 정보 가져오기 성공, 제공자 = {}", provider); + // 사용자 정보 가져오기 + Oauth2UserInfo oauth2UserInfo = Oauth2UserInfoFactory + .getOauth2UserInfo(provider, super.loadUser(userRequest).getAttributes()); + log.info("oauth 사용자 정보 가져오기 성공"); + log.info("attributes = {}", oauth2UserInfo.getAttributes().toString()); + + UserSecurityForm securityForm = userRepository + .findUserSecurityFromBySerialId(oauth2UserInfo.getId()) + .orElseGet(() -> { + log.info("새로운 사용자 접근, 저장 로직 진입"); + User newUser = userRepository.save( + User.builder() + .serialId(oauth2UserInfo.getId()) + .name(oauth2UserInfo.getNickname()) + .provider(provider) + .role(ERole.USER) + .build() + ); + return UserSecurityForm.invoke(newUser); + }); + log.info("oauth2 사용자 조회 성공"); + return UserPrincipal.create(securityForm, oauth2UserInfo.getAttributes()); + } +} diff --git a/src/main/java/dgu/choco_express/security/service/CustomUserDetailService.java b/src/main/java/dgu/choco_express/security/service/CustomUserDetailService.java new file mode 100644 index 0000000..3f649e1 --- /dev/null +++ b/src/main/java/dgu/choco_express/security/service/CustomUserDetailService.java @@ -0,0 +1,36 @@ +package dgu.choco_express.security.service; + +import dgu.choco_express.exception.CommonException; +import dgu.choco_express.exception.UserErrorCode; +import dgu.choco_express.repository.UserRepository; +import dgu.choco_express.repository.UserSecurityForm; +import dgu.choco_express.security.info.UserPrincipal; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.stereotype.Service; + +@Slf4j +@Service +@RequiredArgsConstructor +public class CustomUserDetailService implements UserDetailsService { + private final UserRepository userRepository; + + @Override + public UserPrincipal loadUserByUsername(String username) throws UsernameNotFoundException { + UserSecurityForm userSecurityForm = userRepository.findUserSecurityFromBySerialId(username) + .orElseThrow(() -> new UsernameNotFoundException("존재하지 않는 아이디입니다.")); + log.info(("아이디 기반 조회 성공")); + + return UserPrincipal.create(userSecurityForm); + } + + public UserPrincipal loadUserById(Long id) { + UserSecurityForm userSecurityForm = userRepository.findUserSecurityFromById(id) + .orElseThrow(() -> CommonException.type(UserErrorCode.NOT_FOUND_USER)); + log.info("user id 기반 조회 성공"); + + return UserPrincipal.create(userSecurityForm); + } +} diff --git a/src/main/java/dgu/choco_express/service/JwtService.java b/src/main/java/dgu/choco_express/service/JwtService.java new file mode 100644 index 0000000..49f5ccb --- /dev/null +++ b/src/main/java/dgu/choco_express/service/JwtService.java @@ -0,0 +1,32 @@ +package dgu.choco_express.service; + +import dgu.choco_express.domain.refreshToken.RefreshToken; +import dgu.choco_express.repository.RefreshTokenRepository; +import dgu.choco_express.util.JwtUtil; +import lombok.RequiredArgsConstructor; +import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; + +@Service +@RequiredArgsConstructor +public class JwtService { + private final RefreshTokenRepository refreshTokenRepository; + private final JwtUtil jwtUtil; + + @Transactional + public void updateRefreshToken(Long userId, String refreshToken) { + refreshTokenRepository.findById(userId) + .ifPresentOrElse( + existingToken -> { + refreshTokenRepository.deleteById(userId); + refreshTokenRepository.save(RefreshToken.issueRefreshToken(userId, refreshToken)); + }, + () -> refreshTokenRepository.save(RefreshToken.issueRefreshToken(userId, refreshToken)) + ); + } + + @Transactional + public void deleteRefreshToken(Long userId) { + refreshTokenRepository.deleteById(userId); + } +} diff --git a/src/main/java/dgu/choco_express/util/CookieUtil.java b/src/main/java/dgu/choco_express/util/CookieUtil.java new file mode 100644 index 0000000..f826af3 --- /dev/null +++ b/src/main/java/dgu/choco_express/util/CookieUtil.java @@ -0,0 +1,85 @@ +package dgu.choco_express.util; + +import dgu.choco_express.constant.Constants; +import jakarta.servlet.http.Cookie; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import org.springframework.http.ResponseCookie; + +public class CookieUtil { + + public static void addCookie( + HttpServletResponse response, + String domain, + String key, + String value + ) { + ResponseCookie cookie = ResponseCookie.from(key, value) + .path("/") + .domain(domain) + .httpOnly(false) + .secure(true) + .build(); + + response.addHeader("Set-Cookie", cookie.toString()); + } + + public static void logoutCookie( + HttpServletRequest request, + HttpServletResponse response, + String domain + ) { + Cookie[] cookies = request.getCookies(); + if (cookies == null) + return; + + for (Cookie cookie : cookies) { + boolean isAccessCookie = cookie.getName().equals(Constants.ACCESS_COOKIE_NAME); + boolean isRefreshCookie = cookie.getName().equals(Constants.REFRESH_COOKIE_NAME); + + if (isAccessCookie || isRefreshCookie) { + ResponseCookie tempCookie = ResponseCookie.from(cookie.getName(), cookie.getValue()) + .path("/") + .domain(domain) + .secure(true) + .maxAge(0) + .httpOnly(isRefreshCookie) + .build(); + response.addHeader("Set-Cookie", tempCookie.toString()); + } + } + } + + public static void addSecureCookie( + HttpServletResponse response, + String domain, + String key, + String value, + Integer maxAge + ) { + Cookie cookie = new Cookie(key, value); + cookie.setPath("/"); + cookie.setDomain(domain); + cookie.setSecure(true); + cookie.setHttpOnly(true); + cookie.setMaxAge(maxAge); + response.addCookie(cookie); + } + + public static void deleteCookie( + HttpServletRequest request, + HttpServletResponse response, + String name + ) { + Cookie[] cookies = request.getCookies(); + if (cookies == null) + return; + + for (Cookie cookie : cookies) + if (cookie.getName().equals(name)) { + cookie.setMaxAge(0); + cookie.setPath("/"); + response.addCookie(cookie); + } + } +} diff --git a/src/main/java/dgu/choco_express/util/HeaderUtil.java b/src/main/java/dgu/choco_express/util/HeaderUtil.java new file mode 100644 index 0000000..53d4624 --- /dev/null +++ b/src/main/java/dgu/choco_express/util/HeaderUtil.java @@ -0,0 +1,22 @@ +package dgu.choco_express.util; + +import dgu.choco_express.exception.CommonException; +import dgu.choco_express.exception.GlobalErrorCode; +import jakarta.servlet.http.HttpServletRequest; +import org.springframework.util.StringUtils; + +import java.util.Optional; + +public class HeaderUtil { + + public static Optional refineHeader( + HttpServletRequest request, + String headerName, + String prefix + ) { + String headerValue = request.getHeader(headerName); + if (!StringUtils.hasText(headerValue) || !headerValue.startsWith(prefix)) + throw CommonException.type(GlobalErrorCode.INVALID_HEADER_VALUE); + return Optional.of(headerValue.substring(prefix.length())); + } +} diff --git a/src/main/java/dgu/choco_express/util/JwtUtil.java b/src/main/java/dgu/choco_express/util/JwtUtil.java new file mode 100644 index 0000000..ebe1b7c --- /dev/null +++ b/src/main/java/dgu/choco_express/util/JwtUtil.java @@ -0,0 +1,70 @@ +package dgu.choco_express.util; + +import dgu.choco_express.constant.Constants; +import dgu.choco_express.domain.user.ERole; +import dgu.choco_express.dto.jwt.response.JwtDto; +import io.jsonwebtoken.Claims; +import io.jsonwebtoken.Header; +import io.jsonwebtoken.Jwts; +import io.jsonwebtoken.io.Decoders; +import io.jsonwebtoken.security.Keys; +import lombok.Getter; +import org.springframework.beans.factory.InitializingBean; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.stereotype.Component; + +import java.security.Key; +import java.util.Date; + +@Component +public class JwtUtil implements InitializingBean { + + @Value("${jwt.secret}") + private String secretKey; + + @Value("${jwt.access-token.expiration}") + @Getter + private Integer accessExpiration; + + @Value("${jwt.refresh-token.expiration}") + @Getter + private Integer refreshExpiration; + + private Key key; + + @Override + public void afterPropertiesSet() throws Exception { + byte[] keyBytes = Decoders.BASE64.decode(secretKey); + this.key = Keys.hmacShaKeyFor(keyBytes); + } + + public Claims validateToken(String token) { + return Jwts.parserBuilder() + .setSigningKey(key) + .build() + .parseClaimsJws(token) + .getBody(); + } + + public String generateToken(Long id, ERole role, Integer expiration) { + Claims claims = Jwts.claims(); + claims.put(Constants.CLAIM_USER_ID, id); + if (role != null) + claims.put(Constants.CLAIM_USER_ROLE, role); + + return Jwts.builder() + .setHeaderParam(Header.JWT_TYPE, Header.JWT_TYPE) + .setClaims(claims) + .setIssuedAt(new Date(System.currentTimeMillis())) + .setExpiration(new Date(System.currentTimeMillis() + expiration)) + .signWith(key) + .compact(); + } + + public JwtDto generateTokens(Long id, ERole role) { + return JwtDto.of( + generateToken(id, role, accessExpiration), + generateToken(id, role, refreshExpiration) + ); + } +} From 5d2a5d0520c322397a69c9c4185e34f43257f7a3 Mon Sep 17 00:00:00 2001 From: JeongHeumChoi Date: Thu, 29 Aug 2024 21:51:59 +0900 Subject: [PATCH 03/11] =?UTF-8?q?Refactor:=20=EC=BD=94=EB=93=9C=20?= =?UTF-8?q?=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../security/provider/JwtAuthenticationProvider.java | 3 --- .../security/service/CustomOauth2UserDetailService.java | 1 - src/main/java/dgu/choco_express/service/JwtService.java | 2 -- 3 files changed, 6 deletions(-) diff --git a/src/main/java/dgu/choco_express/security/provider/JwtAuthenticationProvider.java b/src/main/java/dgu/choco_express/security/provider/JwtAuthenticationProvider.java index 7a9f16c..b9ad778 100644 --- a/src/main/java/dgu/choco_express/security/provider/JwtAuthenticationProvider.java +++ b/src/main/java/dgu/choco_express/security/provider/JwtAuthenticationProvider.java @@ -1,7 +1,5 @@ package dgu.choco_express.security.provider; -import dgu.choco_express.exception.CommonException; -import dgu.choco_express.exception.GlobalErrorCode; import dgu.choco_express.security.info.JwtUserInfo; import dgu.choco_express.security.info.UserPrincipal; import dgu.choco_express.security.service.CustomUserDetailService; @@ -11,7 +9,6 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; -import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.stereotype.Component; @Slf4j diff --git a/src/main/java/dgu/choco_express/security/service/CustomOauth2UserDetailService.java b/src/main/java/dgu/choco_express/security/service/CustomOauth2UserDetailService.java index ee8e890..020a230 100644 --- a/src/main/java/dgu/choco_express/security/service/CustomOauth2UserDetailService.java +++ b/src/main/java/dgu/choco_express/security/service/CustomOauth2UserDetailService.java @@ -10,7 +10,6 @@ import dgu.choco_express.security.info.factory.Oauth2UserInfoFactory; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; -import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService; import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest; import org.springframework.security.oauth2.core.OAuth2AuthenticationException; diff --git a/src/main/java/dgu/choco_express/service/JwtService.java b/src/main/java/dgu/choco_express/service/JwtService.java index 49f5ccb..69ffc99 100644 --- a/src/main/java/dgu/choco_express/service/JwtService.java +++ b/src/main/java/dgu/choco_express/service/JwtService.java @@ -2,7 +2,6 @@ import dgu.choco_express.domain.refreshToken.RefreshToken; import dgu.choco_express.repository.RefreshTokenRepository; -import dgu.choco_express.util.JwtUtil; import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; @@ -11,7 +10,6 @@ @RequiredArgsConstructor public class JwtService { private final RefreshTokenRepository refreshTokenRepository; - private final JwtUtil jwtUtil; @Transactional public void updateRefreshToken(Long userId, String refreshToken) { From 19ba25287fd9515d507bf6de1d1ed26fe68d2a34 Mon Sep 17 00:00:00 2001 From: JeongHeumChoi Date: Thu, 29 Aug 2024 21:52:51 +0900 Subject: [PATCH 04/11] =?UTF-8?q?Feat:=20=EC=84=9C=EB=B8=8C=20=EB=AA=A8?= =?UTF-8?q?=EB=93=88=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitmodules | 3 +++ Choco-Express-BE-Properties | 1 + 2 files changed, 4 insertions(+) create mode 100644 .gitmodules create mode 160000 Choco-Express-BE-Properties diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..b35fee9 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "Choco-Express-BE-Properties"] + path = Choco-Express-BE-Properties + url = https://github.com/Choco-Express/Choco-Express-BE-Properties.git diff --git a/Choco-Express-BE-Properties b/Choco-Express-BE-Properties new file mode 160000 index 0000000..107a2e9 --- /dev/null +++ b/Choco-Express-BE-Properties @@ -0,0 +1 @@ +Subproject commit 107a2e95bfc96698f12e0a1aca66cc3628375a83 From ccc80d9248771ad4e6396441921ac1336eea7646 Mon Sep 17 00:00:00 2001 From: JeongHeumChoi Date: Thu, 29 Aug 2024 22:10:56 +0900 Subject: [PATCH 05/11] =?UTF-8?q?Fix:=20s=20=EC=A0=81=EC=9A=A9=EC=9C=BC?= =?UTF-8?q?=EB=A1=9C=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../security/handler/login/Oauth2SuccessHandler.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/dgu/choco_express/security/handler/login/Oauth2SuccessHandler.java b/src/main/java/dgu/choco_express/security/handler/login/Oauth2SuccessHandler.java index 8131b41..28ad514 100644 --- a/src/main/java/dgu/choco_express/security/handler/login/Oauth2SuccessHandler.java +++ b/src/main/java/dgu/choco_express/security/handler/login/Oauth2SuccessHandler.java @@ -42,6 +42,6 @@ public void onAuthenticationSuccess( AuthenticationResponse.makeLoginSuccessResponse(response, domain, jwtDto, jwtUtil.getRefreshExpiration()); - response.sendRedirect("http://" + domain); + response.sendRedirect("https://" + domain); } } From 1c828310576e0c50e3530a03b0280226e8dfec60 Mon Sep 17 00:00:00 2001 From: JeongHeumChoi Date: Thu, 29 Aug 2024 22:11:22 +0900 Subject: [PATCH 06/11] =?UTF-8?q?Chore:=20=ED=81=AC=EB=A0=88=EB=8D=B4?= =?UTF-8?q?=EC=85=9C=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Choco-Express-BE-Properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Choco-Express-BE-Properties b/Choco-Express-BE-Properties index 107a2e9..807f5e2 160000 --- a/Choco-Express-BE-Properties +++ b/Choco-Express-BE-Properties @@ -1 +1 @@ -Subproject commit 107a2e95bfc96698f12e0a1aca66cc3628375a83 +Subproject commit 807f5e2cc2dde893e891910cdd5a947c74111bc5 From ea0677925f4280e3ccbae1a0862e8b429cf87bc6 Mon Sep 17 00:00:00 2001 From: JeongHeumChoi Date: Thu, 29 Aug 2024 22:32:16 +0900 Subject: [PATCH 07/11] =?UTF-8?q?Fix:=20=EB=B0=B0=ED=8F=AC=20=ED=8C=8C?= =?UTF-8?q?=EC=9D=BC=EB=93=A4=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/deploy.yml | 60 ++++++++++++++++++------------------ Dockerfile | 4 +++ build.gradle | 2 +- deploy.sh | 4 +++ 4 files changed, 39 insertions(+), 31 deletions(-) create mode 100644 Dockerfile create mode 100644 deploy.sh diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 9d464ad..48e2612 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -58,33 +58,33 @@ jobs: port: ${{ 22 }} script: | sh /home/ubuntu/deploy.sh - - cd2: - needs: [ci] - runs-on: ubuntu-20.04 - - steps: - - name: Docker Image Pull And Container Run - uses: appleboy/ssh-action@v1.0.0 - with: - key: ${{ secrets.SSH_PRIVATE_KEY_2 }} - host: ${{ secrets.SSH_HOST_2 }} - username: ${{ secrets.SSH_USERNAME }} - port: ${{ 22 }} - script: | - sh /home/ubuntu/deploy.sh - - cd3: - needs: [ci] - runs-on: ubuntu-20.04 - - steps: - - name: Docker Image Pull And Container Run - uses: appleboy/ssh-action@v1.0.0 - with: - key: ${{ secrets.SSH_PRIVATE_KEY_3 }} - host: ${{ secrets.SSH_HOST_3 }} - username: ${{ secrets.SSH_USERNAME }} - port: ${{ 22 }} - script: | - sh /home/ubuntu/deploy.sh +# +# cd2: +# needs: [ci] +# runs-on: ubuntu-20.04 +# +# steps: +# - name: Docker Image Pull And Container Run +# uses: appleboy/ssh-action@v1.0.0 +# with: +# key: ${{ secrets.SSH_PRIVATE_KEY_2 }} +# host: ${{ secrets.SSH_HOST_2 }} +# username: ${{ secrets.SSH_USERNAME }} +# port: ${{ 22 }} +# script: | +# sh /home/ubuntu/deploy.sh +# +# cd3: +# needs: [ci] +# runs-on: ubuntu-20.04 +# +# steps: +# - name: Docker Image Pull And Container Run +# uses: appleboy/ssh-action@v1.0.0 +# with: +# key: ${{ secrets.SSH_PRIVATE_KEY_3 }} +# host: ${{ secrets.SSH_HOST_3 }} +# username: ${{ secrets.SSH_USERNAME }} +# port: ${{ 22 }} +# script: | +# sh /home/ubuntu/deploy.sh diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..227469e --- /dev/null +++ b/Dockerfile @@ -0,0 +1,4 @@ +FROM openjdk:17-alpine +ARG JAR_FILE=build/libs/*.jar +COPY ${JAR_FILE} app.jar +ENTRYPOINT ["java","-jar","/app.jar", "--spring.profiles.active=prod"] \ No newline at end of file diff --git a/build.gradle b/build.gradle index 0b37c0b..8cd741c 100644 --- a/build.gradle +++ b/build.gradle @@ -51,7 +51,7 @@ dependencies { task copyGitSubmodule(type: Copy) { copy { - from './skeep-properties' + from './Choco-Express-BE-Properties' include '*.yml' into './src/main/resources' } diff --git a/deploy.sh b/deploy.sh new file mode 100644 index 0000000..5d06aad --- /dev/null +++ b/deploy.sh @@ -0,0 +1,4 @@ +#!/bin/bash +./gradlew clean build -x test +docker buildx build --platform linux/amd64 --load --tag jeongheumchoi/choco_express:0.0.1 . +docker push jeongheumchoi/choco_express:0.0.1 From 69ee7be456a7d3700f02d1a998501ca742244570 Mon Sep 17 00:00:00 2001 From: JeongHeumChoi Date: Fri, 30 Aug 2024 00:46:27 +0900 Subject: [PATCH 08/11] =?UTF-8?q?Fix:=20=EC=9D=B8=ED=84=B0=EC=85=89?= =?UTF-8?q?=ED=84=B0=20=EC=84=A4=EC=A0=95=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../dgu/choco_express/config/WebConfig.java | 34 +++++++++++++++++++ .../interceptor/post/ResponseInterceptor.java | 9 +++-- 2 files changed, 40 insertions(+), 3 deletions(-) create mode 100644 src/main/java/dgu/choco_express/config/WebConfig.java diff --git a/src/main/java/dgu/choco_express/config/WebConfig.java b/src/main/java/dgu/choco_express/config/WebConfig.java new file mode 100644 index 0000000..3ba329c --- /dev/null +++ b/src/main/java/dgu/choco_express/config/WebConfig.java @@ -0,0 +1,34 @@ +package dgu.choco_express.config; + +import dgu.choco_express.constant.Constants; +import dgu.choco_express.interceptor.pre.UserIdArgumentResolver; +import dgu.choco_express.interceptor.pre.UserIdInterceptor; +import lombok.RequiredArgsConstructor; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.web.method.support.HandlerMethodArgumentResolver; +import org.springframework.web.servlet.config.annotation.InterceptorRegistry; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; + +import java.util.List; + +@Configuration +@EnableWebSecurity +@RequiredArgsConstructor +public class WebConfig implements WebMvcConfigurer { + + private final UserIdArgumentResolver userIdArgumentResolver; + + @Override + public void addArgumentResolvers(List resolvers) { + WebMvcConfigurer.super.addArgumentResolvers(resolvers); + resolvers.add(this.userIdArgumentResolver); + } + + @Override + public void addInterceptors(InterceptorRegistry registry) { + registry.addInterceptor(new UserIdInterceptor()) + .addPathPatterns("/**") + .excludePathPatterns(Constants.NO_NEED_AUTH); + } +} diff --git a/src/main/java/dgu/choco_express/interceptor/post/ResponseInterceptor.java b/src/main/java/dgu/choco_express/interceptor/post/ResponseInterceptor.java index 59f87d0..2de80e6 100644 --- a/src/main/java/dgu/choco_express/interceptor/post/ResponseInterceptor.java +++ b/src/main/java/dgu/choco_express/interceptor/post/ResponseInterceptor.java @@ -2,6 +2,7 @@ import dgu.choco_express.dto.common.ResponseDto; import dgu.choco_express.exception.ErrorResponse; +import lombok.NonNull; import org.springframework.core.MethodParameter; import org.springframework.http.MediaType; import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter; @@ -10,10 +11,12 @@ import org.springframework.web.bind.annotation.RestControllerAdvice; import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice; -@RestControllerAdvice +@RestControllerAdvice( + basePackages = "dgu.choco_express" +) public class ResponseInterceptor implements ResponseBodyAdvice { @Override - public boolean supports(MethodParameter returnType, Class converterType) { + public boolean supports(MethodParameter returnType, @NonNull Class converterType) { return !(returnType.getParameterType() == ResponseDto.class) && MappingJackson2HttpMessageConverter.class.isAssignableFrom(converterType); } @@ -31,4 +34,4 @@ public Object beforeBodyWrite( return ResponseDto.fail((ErrorResponse)body); return ResponseDto.success(body); } -} \ No newline at end of file +} From 1741a0c42a45ab80dc38ae5a6c66b3db472583f0 Mon Sep 17 00:00:00 2001 From: JeongHeumChoi Date: Fri, 30 Aug 2024 00:46:43 +0900 Subject: [PATCH 09/11] =?UTF-8?q?Feat:=20healthCheck=20API=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../dgu/choco_express/constant/Constants.java | 1 + .../controller/HealthCheckController.java | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+) create mode 100644 src/main/java/dgu/choco_express/controller/HealthCheckController.java diff --git a/src/main/java/dgu/choco_express/constant/Constants.java b/src/main/java/dgu/choco_express/constant/Constants.java index fbe4165..0f29a30 100644 --- a/src/main/java/dgu/choco_express/constant/Constants.java +++ b/src/main/java/dgu/choco_express/constant/Constants.java @@ -10,6 +10,7 @@ public class Constants { public static String ACCESS_COOKIE_NAME = "access_token"; public static String REFRESH_COOKIE_NAME = "refresh_token"; public static List NO_NEED_AUTH = List.of( + "/api/health-check", "/api/auth/sign-up", "/api/auth/sign-in", "/oauth2/authorization/kakao" diff --git a/src/main/java/dgu/choco_express/controller/HealthCheckController.java b/src/main/java/dgu/choco_express/controller/HealthCheckController.java new file mode 100644 index 0000000..b513e78 --- /dev/null +++ b/src/main/java/dgu/choco_express/controller/HealthCheckController.java @@ -0,0 +1,18 @@ +package dgu.choco_express.controller; + +import lombok.RequiredArgsConstructor; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; + +@RestController +@RequiredArgsConstructor +@RequestMapping("/api") +public class HealthCheckController { + + @GetMapping("/health-check") + public ResponseEntity healthCheck() { + return ResponseEntity.ok().build(); + } +} From e71e579125dec1fa8ff8eb264b37863f1bba5bea Mon Sep 17 00:00:00 2001 From: JeongHeumChoi Date: Fri, 30 Aug 2024 00:46:55 +0900 Subject: [PATCH 10/11] =?UTF-8?q?Feat:=20Exception=20handler=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../exception/GlobalExceptionHandler.java | 124 ++++++++++++++++++ 1 file changed, 124 insertions(+) create mode 100644 src/main/java/dgu/choco_express/exception/GlobalExceptionHandler.java diff --git a/src/main/java/dgu/choco_express/exception/GlobalExceptionHandler.java b/src/main/java/dgu/choco_express/exception/GlobalExceptionHandler.java new file mode 100644 index 0000000..4c427d6 --- /dev/null +++ b/src/main/java/dgu/choco_express/exception/GlobalExceptionHandler.java @@ -0,0 +1,124 @@ +package dgu.choco_express.exception; + +import jakarta.servlet.http.HttpServletRequest; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.springframework.http.ResponseEntity; +import org.springframework.security.access.AccessDeniedException; +import org.springframework.validation.BindException; +import org.springframework.validation.FieldError; +import org.springframework.web.HttpMediaTypeNotSupportedException; +import org.springframework.web.HttpRequestMethodNotSupportedException; +import org.springframework.web.bind.MethodArgumentNotValidException; +import org.springframework.web.bind.annotation.ExceptionHandler; +import org.springframework.web.bind.annotation.RestControllerAdvice; +import org.springframework.web.method.annotation.MethodArgumentTypeMismatchException; +import org.springframework.web.servlet.NoHandlerFoundException; + +import java.util.List; + +@Slf4j +@RestControllerAdvice +@RequiredArgsConstructor +public class GlobalExceptionHandler { + /** + * Custom Exception 전용 ExceptionHandler (@RequestBody) + */ + @ExceptionHandler(CommonException.class) + public ResponseEntity applicationException(CommonException e) { + ErrorCode code = e.getCode(); + logging(code); + + return ResponseEntity + .status(code.getStatus()) + .body(ErrorResponse.from(code)); + } + + /** + * 요청 데이터 Validation 전용 ExceptionHandler (@RequestBody) + */ + @ExceptionHandler(MethodArgumentNotValidException.class) + public ResponseEntity methodArgumentNotValidException(MethodArgumentNotValidException e) { + List fieldErrors = e.getBindingResult().getFieldErrors(); + return convert(GlobalErrorCode.VALIDATION_ERROR, extractErrorMessage(fieldErrors)); + } + + /** + * 요청 데이터 Validation 전용 ExceptionHandler (@ModelAttribute) + */ + @ExceptionHandler(BindException.class) + public ResponseEntity bindException(BindException e) { + List fieldErrors = e.getBindingResult().getFieldErrors(); + return convert(GlobalErrorCode.VALIDATION_ERROR, extractErrorMessage(fieldErrors)); + } + + private String extractErrorMessage(List fieldErrors) { + if (fieldErrors.size() == 1) { + return fieldErrors.get(0).getDefaultMessage(); + } + + StringBuffer buffer = new StringBuffer(); + for (FieldError error : fieldErrors) { + buffer.append(error.getDefaultMessage()).append("\n"); + } + return buffer.toString(); + } + + /** + * 존재하지 않는 Endpoint 전용 ExceptionHandler + */ + @ExceptionHandler({NoHandlerFoundException.class, MethodArgumentTypeMismatchException.class}) + public ResponseEntity noHandlerFoundException() { + return convert(GlobalErrorCode.NOT_SUPPORTED_URI_ERROR); + } + + /** + * HTTP Request Method 오류 전용 ExceptionHandler + */ + @ExceptionHandler(HttpRequestMethodNotSupportedException.class) + public ResponseEntity httpRequestMethodNotSupportedException() { + return convert(GlobalErrorCode.NOT_SUPPORTED_METHOD_ERROR); + } + + /** + * MediaType 전용 ExceptionHandler + */ + @ExceptionHandler(HttpMediaTypeNotSupportedException.class) + public ResponseEntity httpMediaTypeNotSupportedException() { + return convert(GlobalErrorCode.NOT_SUPPORTED_MEDIA_TYPE_ERROR); + } + + /** + * HTTP Request Method 오류 전용 ExceptionHandler + */ + @ExceptionHandler(AccessDeniedException.class) + public ResponseEntity accessDeniedException() { + return convert(GlobalErrorCode.INVALID_USER); + } + + /** + * 내부 서버 오류 전용 ExceptionHandler + */ + @ExceptionHandler(RuntimeException.class) + public ResponseEntity handleAnyException(RuntimeException e, HttpServletRequest request) { + log.warn(e.getMessage()); + log.warn(request.toString()); + return convert(GlobalErrorCode.INTERNAL_SERVER_ERROR); + } + + private ResponseEntity convert(ErrorCode code) { + return ResponseEntity + .status(code.getStatus()) + .body(ErrorResponse.from(code)); + } + + private ResponseEntity convert(ErrorCode code, String message) { + return ResponseEntity + .status(code.getStatus()) + .body(ErrorResponse.of(code, message)); + } + + private void logging(ErrorCode code) { + log.warn("{} | {} | {}", code.getStatus(), code.getErrorCode(), code.getMessage()); + } +} From 812e1e93ece97d09a2dcbb6c5ca5f86d374a5421 Mon Sep 17 00:00:00 2001 From: JeongHeumChoi Date: Fri, 30 Aug 2024 12:22:23 +0900 Subject: [PATCH 11/11] =?UTF-8?q?Fix:=20CD=20=EC=BD=94=EB=93=9C=20?= =?UTF-8?q?=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/deploy.yml | 40 +++++------------------------------- 1 file changed, 5 insertions(+), 35 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 48e2612..10e588e 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -44,47 +44,17 @@ jobs: push: true tags: ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKERHUB_PROD_REPONAME }}:0.0.1 - cd1: + cd: needs: [ci] runs-on: ubuntu-20.04 steps: - - name: Docker Image Pull And Container Run + - name: Connect Bastion Host And Run deploy.sh uses: appleboy/ssh-action@v1.0.0 with: - key: ${{ secrets.SSH_PRIVATE_KEY_1 }} - host: ${{ secrets.SSH_HOST_1 }} + key: ${{ secrets.SSH_PRIVATE_KEY }} + host: ${{ secrets.SSH_HOST }} username: ${{ secrets.SSH_USERNAME }} port: ${{ 22 }} script: | - sh /home/ubuntu/deploy.sh -# -# cd2: -# needs: [ci] -# runs-on: ubuntu-20.04 -# -# steps: -# - name: Docker Image Pull And Container Run -# uses: appleboy/ssh-action@v1.0.0 -# with: -# key: ${{ secrets.SSH_PRIVATE_KEY_2 }} -# host: ${{ secrets.SSH_HOST_2 }} -# username: ${{ secrets.SSH_USERNAME }} -# port: ${{ 22 }} -# script: | -# sh /home/ubuntu/deploy.sh -# -# cd3: -# needs: [ci] -# runs-on: ubuntu-20.04 -# -# steps: -# - name: Docker Image Pull And Container Run -# uses: appleboy/ssh-action@v1.0.0 -# with: -# key: ${{ secrets.SSH_PRIVATE_KEY_3 }} -# host: ${{ secrets.SSH_HOST_3 }} -# username: ${{ secrets.SSH_USERNAME }} -# port: ${{ 22 }} -# script: | -# sh /home/ubuntu/deploy.sh + sh /home/ubuntu/deploy/deploy.sh